Advisory ROSA-SA-2021-1932

Software: ntp 4.2.6p5
OS: Cobalt 7.9

CVE-ID: CVE-2015-5146
CVE-Crit: MEDIUM
CVE-DESC: ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer trusted to perform remote configuration to cause a denial of service (service failure) via a null byte in the generated configuration directive packet.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2015-7975
CVE-Crit: MEDIUM
CVE-DESC: The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 incorrectly checks the length of its input, allowing an attacker to cause a denial of service (application failure).
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2015-7976
CVE-Crit: MEDIUM
CVE-DESC: The ntpq saveconfig command in NTP 4.1.2, 4.2.x through 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 improperly filters special characters, allowing attackers to have undefined impact. via a crafted filename.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2015-8139
CVE-Crit: MEDIUM
CVE-DESC: ntpq in NTP before 4.2.8p7 allows remote attackers to obtain source timestamps and then impersonate peer nodes via undefined vectors.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2015-8140
CVE-Crit: MEDIUM
CVE-DESC: The ntpq protocol in NTP before version 4.2.8p7 allows remote attackers to conduct replay attacks by sniffing the network.
CVE-STATUS: Default
CVE-REV: Default

CVE-ID: CVE-2015-7973
CVE-Crit: MEDIUM
CVE-DESC: NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows “attacker-in-the-middle” attackers to conduct replay attacks by sniffing the network.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2016-2516
CVE-Crit: MEDIUM
CVE-DESC: NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7 is enabled, allows remote attackers to cause a denial of service (ntpd interrupt) by using the same IP address multiple times in an unsfig directive.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2016-2517
CVE-Crit: MEDIUM
CVE-DESC: NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (prevent subsequent authentication) by using control key or request information and sending a crafted packet to ntpd that changes the value of the trusted key, control key, or request key. NOTE: this vulnerability exists due to the CVE-2016-2516 regression.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2016-2519
CVE-Crit: MEDIUM
CVE-DESC: ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (ntpd interrupt) on a large request data value, which triggers the ctl_getitem function to return a NULL value.
CVE-STATUS: default
CVE-REV: default

CVE-ID: CVE-2019-8936
CVE-Crit: HIGH
CVE-DESC: NTP via 4.2.8p12 has a NULL pointer dereference.
CVE-STATUS: Default
CVE-REV: Default

CVE-ID: CVE-2020-13817
CVE-Crit: HIGH
CVE-DESC: ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmission timestamps for use in spoofed packets. The victim must rely on unauthenticated IPv4 timestamp sources. There must be an attacker who can request time from the victim’s ntpd instance.
CVE-STATUS: default
CVE-REV: default