ntp: Fix of 2 CVEs

CVE-2018-7185: unauthenticated packet with a zero-origin timestamp can reset an authenticated interleave association leading to denial of service. - CVE-2019-8936: NULL pointer dereference triggered by an authenticated mode 6 control packet with no value field...

CLSA-2026-1777453146 ntp: Fix of 2 CVEs

CVE-2018-7185: unauthenticated packet with a zero-origin timestamp can reset an authenticated interleave association leading to denial of service. - CVE-2019-8936: NULL pointer dereference triggered by an authenticated mode 6 control packet with no value field...

CLSA-2026-1777453307 ntp: Fix of 2 CVEs

CVE-2018-7185: unauthenticated packet with a zero-origin timestamp can reset an authenticated interleave association leading to denial of service. - CVE-2019-8936: NULL pointer dereference triggered by an authenticated mode 6 control packet with no value field...

NTPsec < 1.1.0 DoS Vulnerability

NTPsec is prone to a denial of service DoS vulnerability. SPDX-FileCopyrightText: 2025 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ntpsec:ntpsec";...

SUSE CVE-2015-7852

ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service crash via crafted mode 6 response packets...

SUSE CVE-2015-7855

The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service assertion failure via a 6 or mode 7 packet containing a long data value...

SUSE CVE-2016-9310

The control mode mode 6 functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet...

SUSE CVE-2018-7182

The ctlgetitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service out-of-bounds read via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10...

USN-3707-1 ntp vulnerabilities

Yihan Lian discovered that NTP incorrectly handled certain malformed mode 6 packets. A remote attacker could possibly use this issue to cause ntpd to crash, resulting in a denial of service. This issue only affected Ubuntu 17.10 and Ubuntu 18.04 LTS. CVE-2018-7182 Michael Macnair discovered that...

DEBIAN-CVE-2018-7182

The ctlgetitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service out-of-bounds read via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10...

UBUNTU-CVE-2018-7182

The ctlgetitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service out-of-bounds read via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10...

DEBIAN-CVE-2015-7855

The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service assertion failure via a 6 or mode 7 packet containing a long data value...

DEBIAN-CVE-2015-7852

ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service crash via crafted mode 6 response packets...

Exploitable Configuration Modification Vulnerability in ntpd Control Mode (Mode 6) Functionality

Network Time Protocol NTP is a protocol used to synchronize a computer's time to its server or clock source e.g., quartz clock, GPS, etc.. Synchronizing a computer's clock to UTC ensures that data interactions in a network can proceed smoothly.NTPD Network Time Protocol daemon is an operating...

NTP Denial of Service Vulnerability (CNVD-2015-07183)

NTP is a network protocol that synchronizes the clocks of two computers by exchanging packets. NTP has a security vulnerability that allows a remote attacker to send Mode 6 MODECONTROL or Mode 7 MODEPRIVATE packets with large values to crash a background program...

NTP 'ntpq.c' Memory Corruption Vulnerability

NTP is a network protocol that synchronizes the clocks of two computers by exchanging packets. NTP has a security vulnerability that allows a remote attacker to send a set of Mode 6 response packets to perform a denial-of-service attack...

UBUNTU-CVE-2015-7852

ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service crash via crafted mode 6 response packets...