Lucene search

K

NTP Security Vulnerabilities

cve
cve

CVE-2014-5417

Cross-site scripting (XSS) vulnerability in Meinberg NTP Server firmware on LANTIME M-Series devices 6.15.019 and earlier allows remote attackers to inject arbitrary web script or HTML via unspecified...

6AI Score

0.003EPSS

2014-11-05 11:55 AM
23
cve
cve

CVE-2013-5211

The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December...

5.7AI Score

0.967EPSS

2014-01-02 02:59 PM
300
cve
cve

CVE-2009-3563

ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two...

6.8AI Score

0.965EPSS

2009-12-09 06:30 PM
106
cve
cve

CVE-2009-1252

Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension...

7.9AI Score

0.963EPSS

2009-05-19 07:30 PM
48
cve
cve

CVE-2009-0159

Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted...

7.8AI Score

0.043EPSS

2009-04-14 03:30 PM
67
cve
cve

CVE-2009-0021

NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVP_VerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to...

7.6AI Score

0.007EPSS

2009-01-07 05:30 PM
53
cve
cve

CVE-2004-0657

Integer overflow in the NTP daemon (NTPd) before 4.0 causes the NTP server to return the wrong date/time offset when a client requests a date/time that is more than 34 years away from the server's...

6.8AI Score

0.002EPSS

2004-08-06 04:00 AM
33
Total number of security vulnerabilities107