SUSE CVE-2017-6463

NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service daemon crash via an invalid setting in a :config directive, related to the unpeer option...

SUSE: Security Advisory (SUSE-SU-2017:1048-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

ntpd 4.2.8p10 Out-Of-Bounds Read

Exploit Title: ntpd 4.2.8p10 - Out-of-Bounds Read PoC Bug Discovery: Yihan Lian, a security researcher of Qihoo 360 GearTeam Exploit Author: Magnus Klaaborg Stubman @magnusstubman Website: https://dumpco.re/blog/cve-2018-7182 Vendor Homepage: http://www.ntp.org/ Software Link:...

NTP.org 'ntpd' 'protocol engine' Denial of Service Vulnerability

NTP.org SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ntp:ntp"; ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.812792";...

CVE-2018-7183

Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array...

BSA-2017-294

Security Advisory ID : BSA-2017-294 Component : NTP Revision : 1.0: Interim Multiple buffer overflows in thectlput functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable. Affected Products Brocade is investigating i...

BSA-2017-292

Security Advisory ID : BSA-2017-292 Component : NTP Revision : 1.0: Interim Stack-based buffer overflow in the Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via an application path on the command line. Affected Products Brocade is...

SUSE SLES11 Security Update : ntp (SUSE-SU-2017:1052-1)

This ntp update to version 4.2.8p10 fixes the following issues: Security issues fixed bsc1030050 : - CVE-2017-6464: Denial of Service via Malformed Config - CVE-2017-6462: Buffer Overflow in DPTS Clock - CVE-2017-6463: Authenticated DoS via Malicious Config Option - CVE-2017-6458: Potential...

CVE-2017-6459

The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes...

Null pointer dereference

The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes...

CVE-2017-6462

Buffer overflow in the legacy Datum Programmable Time Server DPTS refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device...

CVE-2017-6463

NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service daemon crash via an invalid setting in a :config directive, related to the unpeer option...

Network Time Protocol Daemon (ntpd) 4.x < 4.2.8p10 Multiple Vulnerabilities

The version of the remote NTP server is 4.x prior to 4.2.8p10. It is, therefore, affected by the following vulnerabilities : - A denial of service vulnerability exists in the receive function within file ntpd/ntpproto.c due to the expected origin timestamp being cleared when a packet with a zero...