Lucene search
K

19 matches found

EUVD
EUVD
added 2025/10/07 12:30 a.m.6 views

EUVD-2016-2645

Malware in sbrugna...

5.3CVSS6.5AI score0.03634EPSS
Exploits1References42
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.47 views

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1222)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.81762EPSS
Exploits2References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.61 views

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-2066)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.81762EPSS
Exploits6References2
CVE
CVE
added 2018/03/06 8:0 p.m.205 views

CVE-2018-7184

CVE-2018-7184 affects ntpd 4.2.8p4 through 4.2.8p10, where a zero-origin timestamp in certain packets can disrupt the association and cause DoS. This is described as a result of an incomplete fix for CVE-2015-7704. Remediation available: upgrade to ntpd 4.2.8p11 or later; several advisories (e.g....

7.5CVSS7.5AI score0.08862EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2018/03/06 8:0 p.m.31 views

CVE-2018-7184

ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service disruption by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the mos...

7.6AI score0.08862EPSS
Exploits0References10
UbuntuCve
UbuntuCve
added 2018/03/06 12:0 a.m.32 views

CVE-2018-7184

ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service disruption by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the mos...

7.5CVSS6.8AI score0.08862EPSS
Exploits0References4
RedhatCVE
RedhatCVE
added 2018/02/28 7:49 p.m.95 views

CVE-2018-7184

ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service disruption by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the mos...

7.5CVSS5AI score0.1095EPSS
Exploits0References1
UbuntuCve
UbuntuCve
added 2017/01/06 9:59 p.m.46 views

CVE-2016-1549

A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock...

6.5CVSS6.8AI score0.03147EPSS
Exploits1References3
NVD
NVD
added 2017/01/06 9:59 p.m.29 views

CVE-2016-1547

An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if...

5.3CVSS6.3AI score0.0511EPSS
Exploits2References15
Prion
Prion
added 2017/01/06 9:59 p.m.21 views

Design/Logic Flaw

An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key...

5CVSS6.9AI score0.03634EPSS
Exploits1References34Affected Software1
Cvelist
Cvelist
added 2017/01/06 9:0 p.m.31 views

CVE-2016-1549

A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock...

6.1AI score0.03147EPSS
Exploits1References9
Cvelist
Cvelist
added 2017/01/06 9:0 p.m.29 views

CVE-2016-1550

An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key...

6.4AI score0.03634EPSS
Exploits1References34
CVE
CVE
added 2017/01/06 9:0 p.m.186 views

CVE-2016-1548

CVE-2016-1548 describes an NT P vulnerability where an attacker spoofing a legitimate ntpd server can force a client from basic client/server mode to interleaved symmetric mode, causing the client to reject future legitimate responses and potentially desynchronize time. Affected: ntpd/NTP 4.x pri...

7.2CVSS6.3AI score0.03844EPSS
Exploits3References34Affected Software1
Debian CVE
Debian CVE
added 2017/01/06 9:0 p.m.46 views

CVE-2016-1547

An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if...

5.3CVSS6.8AI score0.0511EPSS
Exploits2
Debian CVE
Debian CVE
added 2017/01/06 9:0 p.m.38 views

CVE-2016-1549

A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock...

6.5CVSS6.7AI score0.03147EPSS
Exploits1
Debian CVE
Debian CVE
added 2017/01/06 9:0 p.m.31 views

CVE-2016-1550

An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key...

5.3CVSS6.7AI score0.03634EPSS
Exploits1
UbuntuCve
UbuntuCve
added 2016/04/29 12:0 a.m.34 views

CVE-2016-1547

An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if...

5.3CVSS6.8AI score0.0511EPSS
Exploits2References3
UbuntuCve
UbuntuCve
added 2016/04/29 12:0 a.m.36 views

CVE-2016-1548

An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer-dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimat...

7.2CVSS6.7AI score0.03844EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2015/10/22 12:0 a.m.49 views

FreeBSD : ntp -- 13 low- and medium-severity vulnerabilities (c4a18a12-77fc-11e5-a687-206a8a720317)

ntp.org reports : NTF's NTP Project has been notified of the following 13 low- and medium-severity vulnerabilities that are fixed in ntp-4.2.8p4, released on Wednesday, 21 October 2015 : - Bug 2941 CVE-2015-7871 NAK to the Future: Symmetric association authentication bypass via crypto-NAK Cisco...

9.8CVSS7AI score0.81762EPSS
Exploits8References19
Rows per page
Query Builder