SUSE CVE-2019-6445

An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntpcontrol.c, related to ctlgetitem...

SUSE CVE-2019-6443

An issue was discovered in NTPsec before 1.1.3. Because of a bug in ctlgetitem, there is a stack-based buffer over-read in readsysvars in ntpcontrol.c in ntpd...

The vulnerability of the ctl_getitem method in the ntpd daemon, which is part of the NTP time synchronization protocol, arises from reading data within acceptable buffer limits. This allows a malicious actor to cause a service failure.

The vulnerability of the ctlgetitem method in the ntpd daemon, which implements the NTP synchronization protocol, relates to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures by using specially crafted mode 6 Troj...

NTP ntpd denial of service vulnerability (CNVD-2018-04874)

NTP Network Time Protocol is a network protocol that synchronizes the clocks of two computers by exchanging packets. ntpd is an operating system daemon. An information disclosure vulnerability exists in the ctlgetitem method of ntpd in NTP versions 4.2.8p6 through 4.2.8p10. A remote attacker coul...