7 matches found
Null pointer dereference
ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted packet...
Code injection
ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service reject broadcast mode packets via the poll interval in a broadcast packet...
Code injection
ntpd in NTP before 4.2.8p9, when running on Windows, allows remote attackers to cause a denial of service via a large UDP packet...
CVE-2016-9311
ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service NULL pointer dereference and crash via a crafted packet...
CVE-2016-9312
ntpd in NTP before 4.2.8p9, when running on Windows, allows remote attackers to cause a denial of service via a large UDP packet...
NTP.org ntpd contains multiple denial of service vulnerabilities
Overview NTP.org ntpd versions ntp-4.2.7p385 up to but not including ntp-4.2.8p9 and ntp-4.3.0 up to but not including ntp-4.3.94 contain multiple denial of service vulnerabilities. Description NTP.org's ntpd, versions ntp-4.2.7p385 up to but not including ntp-4.2.8p9 and ntp-4.3.0 up to but not...
Internet Bug Bounty: ntpd: read_mru_list() does inadequate incoming packet checks
Summary: If ntpd is configured to allow mrulist query requests from a server that sends a crafted malicious packet, ntpd will crash on receipt of that crafted malicious mrulist query packet. Mitigation: - Only allow mrulist query packets from trusted hosts. - Implement BCP-38. - Upgrade to 4.2.8p...