EUVD-2015-7750

Malware in sbrugna...

Network Time Protocol (NTP) Mode 6 Query Response Check (UDP)

Services which are supporting the Network Time Protocol NTP and respond to Mode 6 queries are prone to an information disclosure and might be misused for Distributed Denial of Service DDoS attacks. SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenc...

NTP < 4.2.8p13 NULL Pointer Dereference Vulnerability

A crafted malicious authenticated mode 6 ntpq packet from a permitted network address can trigger a NULL pointer dereference, crashing ntpd. Note that for this attack to work, the sending system must be on an address that the target SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions...

CVE-2014-5209

An Information Disclosure vulnerability exists in NTP 4.2.7p25 private mode 6/7 messages via a GETRESTRICT control message, which could let a malicious user obtain sensitive information...

CVE-2014-5209

An Information Disclosure vulnerability exists in NTP 4.2.7p25 private mode 6/7 messages via a GETRESTRICT control message, which could let a malicious user obtain sensitive information...

Medium: ntp

Issue Overview: NTP has a NULL pointer dereference attack in an authenticated mode 6 packet. CVE-2019-8936 Affected Packages: ntp Issue Correction: Run yum update ntp or yum update --advisory ALAS-2019-1206 to update your system. New Packages: i686: ntp-debuginfo-4.2.8p12-1.41.amzn1.i686 ...

FreeBSD : ntp -- Crafted null dereference attack from a trusted source with an authenticated mode 6 packet (c2576e14-36e2-11e9-9eda-206a8a720317)

Network Time Foundation reports : A crafted malicious authenticated mode 6 ntpq packet from a permitted network address can trigger a NULL pointer dereference, crashing ntpd. Note that for this attack to work, the sending system must be on an address that the target's ntpd accepts mode 6 packets...

ntp -- Crafted null dereference attack from a trusted source with an authenticated mode 6 packet

Network Time Foundation reports: A crafted malicious authenticated mode 6 ntpq packet from a permitted network address can trigger a NULL pointer dereference, crashing ntpd. Note that for this attack to work, the sending system must be on an address that the target's ntpd accepts mode 6 packets...

CVE-2018-7182

The ctlgetitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service out-of-bounds read via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10...

CVE-2018-7182

The CVE-2018-7182 vulnerability affects ntp ntpd versions 4.2.8p6–4.2.8p10, where the ctl_getitem() function can read past the end of its buffer. A remote attacker can send a crafted mode 6 packet to trigger an out-of-bounds read, causing denial of service. Public references include Exploit-DB’s ...

CVE-2018-7182

The ctlgetitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service out-of-bounds read via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10...

CVE-2018-7182

The ctlgetitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service out-of-bounds read via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10...

CVE-2015-7852

ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service crash via crafted mode 6 response packets...

CVE-2015-7852

ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service crash via crafted mode 6 response packets...

CVE-2015-7852

ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service crash via crafted mode 6 response packets...

CVE-2015-7852

CVE-2015-7852 is an off-by-one vulnerability in ntpq’s cookedprint() which can allow a crafted mode 6 packet to cause a buffer overflow and crash ntpd. Public references (Debian DSA-3388-1, CentOS advisories) confirm ntpq/cookedprint as the vulnerable component and describe a DoS via remote craft...

BSA-2017-219

Security Advisory ID : BSA-2017-219 Component : ntp Revision : 1.0: Interim An exploitable configuration modification vulnerability exists in the control mode mode 6 functionality ofntpd. If, against long-standing BCP recommendations, "restrict defaultnoquery..." is not specified, a specially...

Network Time Protocol (NTP) Mode 6 Scanner

The remote NTP server responds to mode 6 queries. Devices that respond to these queries have the potential to be used in NTP amplification attacks. An unauthenticated, remote attacker could potentially exploit this, via a specially crafted mode 6 query, to cause a reflected denial of service...

[ASA-201611-28] ntp: multiple issues

Arch Linux Security Advisory ASA-201611-28 ========================================== Severity: High Date : 2016-11-26 CVE-ID : CVE-2016-7426 CVE-2016-7427 CVE-2016-7428 CVE-2016-7429 CVE-2016-7431 CVE-2016-7433 CVE-2016-7434 CVE-2016-9310 CVE-2016-9311 Package : ntp Type : multiple issues Remote...

Network Time Protocol (NTP) / NTPd / NTPsec Detection (UDP)

UDP based detection of services supporting the Network Time Protocol NTP. In addition to the protocol itself the existence of the ntpd NTPd / NTPsec daemon is detected as well. SPDX-FileCopyrightText: 2005 David Lodge SPDX-FileCopyrightText: New / improved code and detection since 2009 Greenbone ...