Lucene search

Basic search
Lucene search
Search by product

Vendors

Products

Gentoo FoundationGLSA-201903-15

HistoryMar 19, 2019 - 12:00 a.m.

NTP: Multiple vulnerabilities

2019-03-1900:00:00

Gentoo Foundation

security.gentoo.org

159

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.03 Low

EPSS

Percentile

90.7%

JSON

Background

NTP contains software for the Network Time Protocol.

Description

Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced below for details.

Impact

An attacker could cause a Denial of Service condition, escalate privileges, or remotely execute arbitrary code.

Workaround

There is no known workaround at this time.

Resolution

All NTP users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose "&gt;=net-misc/ntp-4.2.8_p13"

OSVersionArchitecturePackageVersionFilename
Gentooanyallnet-misc/ntp< 4.2.8_p13UNKNOWN

OS	Version	Architecture	Package	Version	Filename
Gentoo	any	all	net-misc/ntp	< 4.2.8_p13	UNKNOWN

nessus 68

fedora 5

openvas 41

redhat 4

packetstorm 1

exploitpack 1

prion 2

mageia 2

ubuntu 4

ibm 4

suse 4

freebsd 1

f5 2

slackware 2

freebsd_advisory 1

veracode 2

aix 2

debiancve 2

cve 2

amazon 3

githubexploit 1

redhatcve 2

osv 3

centos 2

zdt 1

archlinux 1

ubuntucve 2

exploitdb 1

photon 6

checkpoint_advisories 1

oraclelinux 2

rosalinux 1

nessus

GLSA-201903-15 : NTP: Multiple vulnerabilities

2019-03-19 00:00:00

Scientific Linux Security Update : ntp on SL6.x i386/x86_64 (20181220)

2018-12-27 00:00:00

EulerOS 2.0 SP2 : ntp (EulerOS-SA-2019-1053)

2019-02-22 00:00:00

fedora

[SECURITY] Fedora 28 Update: ntp-4.2.8p13-1.fc28

2019-04-07 01:47:38

[SECURITY] Fedora 29 Update: ntp-4.2.8p13-1.fc29

2019-04-07 04:19:56

[SECURITY] Fedora 30 Update: ntp-4.2.8p13-1.fc30

2019-04-07 00:01:35

openvas

Fedora Update for ntp FEDORA-2019-694e3aa4e8

2019-04-07 00:00:00

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1037)

2020-01-23 00:00:00

NTP < 4.2.8p13 NULL Pointer Dereference Vulnerability

2021-06-21 00:00:00

redhat

(RHSA-2018:3853) Low: ntp security update

2018-12-19 16:24:08

(RHSA-2020:1470) Low: ntp security update

2020-04-14 14:34:34

(RHSA-2019:2077) Low: ntp security, bug fix, and enhancement update

2019-08-06 07:58:19

packetstorm

ntp 4.2.8p11 Local Buffer Overflow

2018-06-21 00:00:00

exploitpack

ntp 4.2.8p11 - Local Buffer Overflow (PoC)

2018-06-20 00:00:00

prion

Stack overflow

2018-06-20 14:29:00

Null pointer dereference

2019-05-15 16:29:00

mageia

Updated ntp packages fix security vulnerability

2018-09-13 23:38:07

Updated ntp packages fix security vulnerability

2019-04-11 00:25:19

ubuntu

NTP vulnerability

2021-03-15 00:00:00

NTP vulnerability

2020-01-09 00:00:00

NTP vulnerability

2020-10-01 00:00:00

ibm

Security Bulletin: Vulnerability in NTP affects AIX (CVE-2019-8936)

2020-07-14 15:34:05

Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerability in NTP (CVE-2018-12327)

2023-12-07 22:45:02

Security Bulletin: Vulnerabilities in NTPv4 affect AIX (CVE-2018-12327, CVE-2018-7170)

2018-12-14 18:25:01

suse

Security update for ntp (moderate)

2019-04-05 00:00:00

Security update for ntp (moderate)

2019-04-05 00:00:00

Security update for ntp (moderate)

2018-10-25 18:10:27

freebsd

ntp -- Crafted null dereference attack from a trusted source with an authenticated mode 6 packet

2019-01-15 00:00:00

K61363039 : NTP vulnerability CVE-2019-8936

2019-05-31 00:00:00

K42332834 : NTP vulnerability CVE-2018-12327

2018-09-28 00:00:00

slackware

[slackware-security] ntp

2019-03-08 19:15:33

[slackware-security] ntp

2018-08-17 17:43:28

freebsd_advisory

FreeBSD-SA-19:04.ntp

2019-05-14 00:00:00

veracode

Denial Of Service (DoS)

2019-01-15 09:27:06

Denial Of Service (DoS)

2020-10-04 04:44:26

aix

There are vulnerabilities in NTPv4 that affect AIX.,Vulnerabilities in NTP affect AIX,Vulnerabilities in NTP affect VIOS

2019-08-19 16:44:22

There are vulnerabilities in NTPv4 that affect AIX.

2018-12-14 12:20:13

debiancve

CVE-2019-8936

2019-05-15 16:29:00

CVE-2018-12327

2018-06-20 14:29:00

cve

CVE-2019-8936

2019-05-15 16:29:00

CVE-2018-12327

2018-06-20 14:29:00

amazon

Medium: ntp

2019-05-16 22:30:00

Low: ntp

2019-11-19 17:52:00

Low: ntp

2018-09-19 17:19:00

githubexploit

Exploit for NULL Pointer Dereference in Netapp Clustered Data Ontap

2020-04-26 11:07:19

redhatcve

CVE-2019-8936

2019-03-07 20:19:47

CVE-2018-12327

2019-10-10 05:39:28

osv

ntp vulnerability

2021-03-15 22:24:29

ntp vulnerability

2021-04-20 13:38:45

ntp vulnerability

2020-10-01 21:04:43

centos

ntp, ntpdate, sntp security update

2019-08-30 03:44:39

ntp, ntpdate security update

2018-12-19 23:46:54

zdt

ntp 4.2.8p11 - Local Buffer Overflow (PoC) Vulnerability

2018-06-20 00:00:00

archlinux

[ASA-201810-2] ntp: arbitrary code execution

2018-10-01 00:00:00

ubuntucve

CVE-2018-12327

2018-06-20 00:00:00

CVE-2019-8936

2019-05-15 00:00:00

exploitdb

ntp 4.2.8p11 - Local Buffer Overflow (PoC)

2018-06-20 00:00:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0180

2018-08-28 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-2.0-0088

2018-08-28 00:00:00

Critical Photon OS Security Update - PHSA-2018-0088

2018-08-28 00:00:00

checkpoint_advisories

NTPsec ntpd write_variables Denial of Service (CVE-2019-6445; CVE-2019-8936)

2019-02-24 00:00:00

oraclelinux

ntp security, bug fix, and enhancement update

2019-08-13 00:00:00

ntp security update

2018-12-19 00:00:00

rosalinux

Advisory ROSA-SA-2021-1932

2021-07-02 17:35:16

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

9.8 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

HIGH

Integrity Impact

HIGH

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

7.5 High

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.03 Low

EPSS

Percentile

90.7%

JSON

Related for GLSA-201903-15