Lucene search
K

44 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:46 p.m.114 views

K03331206: NTP vulnerability CVE-2016-4955

Security Advisory Description ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service peer-variable clearing and association outage by sending 1 a spoofed crypto-NAK packet or 2 a packet with an incorrect MAC value at a certain time...

5.9CVSS6.4AI score0.08771EPSS
Exploits0Affected Software23
F5 Networks
F5 Networks
added 2023/02/21 6:29 p.m.35 views

K92800352: NTP vulnerability CVE-2016-4953

Security Advisory Description ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service ephemeral-association demobilization by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time. CVE-2016-4953 Impact There is no impact; F5 products...

7.5CVSS7AI score0.17245EPSS
Exploits0
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.38 views

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1323)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.8AI score0.12351EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.61 views

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-2066)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.81762EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.46 views

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1222)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.1AI score0.81762EPSS
Exploits2References2
Prion
Prion
added 2017/08/07 8:29 p.m.31 views

Code injection

The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages...

5CVSS7.3AI score0.1095EPSS
Exploits0References20Affected Software10
NVD
NVD
added 2017/08/07 8:29 p.m.30 views

CVE-2015-7704

The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages...

7.5CVSS8.2AI score0.1095EPSS
Exploits0References20
Cvelist
Cvelist
added 2017/08/07 8:0 p.m.23 views

CVE-2015-7705

The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests...

9.5AI score0.12351EPSS
Exploits0References36
Cvelist
Cvelist
added 2017/08/07 8:0 p.m.30 views

CVE-2015-7704

The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages...

8.4AI score0.1095EPSS
Exploits0References20
CVE
CVE
added 2017/08/07 8:0 p.m.208 views

CVE-2015-7704

CVE-2015-7704 describes a denial-of-service in ntpd caused by handling of Kiss-of-Death (KoD) messages. The issue arises from KoD processing that could delay or stop querying time sources. Affected software: ntpd in NTP 4.x prior to 4.2.8p4 and 4.3.x prior to 4.3.77. Impact: unauthenticated remot...

7.5CVSS8.2AI score0.1095EPSS
Exploits0References20Affected Software1
Debian CVE
Debian CVE
added 2017/08/07 8:0 p.m.47 views

CVE-2015-7704

The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages...

7.5CVSS7.2AI score0.1095EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2017/07/10 12:0 a.m.38 views

EulerOS 2.0 SP1 : ntp (EulerOS-SA-2017-1124)

According to the versions of the ntp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified...

7.8CVSS6.5AI score0.16351EPSS
Exploits1References9
NVD
NVD
added 2016/07/05 1:59 a.m.24 views

CVE-2016-4956

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service interleaved-mode transition and time change via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548...

5.3CVSS6.4AI score0.16351EPSS
Exploits0References33
NVD
NVD
added 2016/07/05 1:59 a.m.17 views

CVE-2016-4955

ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service peer-variable clearing and association outage by sending 1 a spoofed crypto-NAK packet or 2 a packet with an incorrect MAC value at a certain time...

5.9CVSS6.4AI score0.08771EPSS
Exploits0References31
NVD
NVD
added 2016/07/05 1:59 a.m.32 views

CVE-2016-4954

The processpacket function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service peer-variable modification by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication...

7.5CVSS7.3AI score0.13208EPSS
Exploits0References35
OSV
OSV
added 2016/07/05 1:59 a.m.9 views

CVE-2016-4954

The processpacket function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service peer-variable modification by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication...

7.5CVSS7.3AI score
Exploits0References35
NVD
NVD
added 2016/07/05 1:59 a.m.26 views

CVE-2016-4953

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service ephemeral-association demobilization by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time...

7.5CVSS7.4AI score0.17245EPSS
Exploits0References32
Prion
Prion
added 2016/07/05 1:59 a.m.25 views

Design/Logic Flaw

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service interleaved-mode transition and time change via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548...

5CVSS7AI score0.16351EPSS
Exploits3References33Affected Software9
Prion
Prion
added 2016/07/05 1:59 a.m.15 views

Code injection

ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service peer-variable clearing and association outage by sending 1 a spoofed crypto-NAK packet or 2 a packet with an incorrect MAC value at a certain time...

4.3CVSS7.3AI score0.08771EPSS
Exploits0References31Affected Software9
Cvelist
Cvelist
added 2016/07/05 1:0 a.m.33 views

CVE-2016-4954

The processpacket function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service peer-variable modification by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication...

7.3AI score0.13208EPSS
Exploits0References35
Rows per page
Query Builder