13 matches found
NTP Mode 7 GET_RESTRICT DRDoS Scanner
This module requires Metasploit: https://metasploit.com/download Current source: https://github.com/rapid7/metasploit-framework class MetasploitModule 'NTP Mode 7 GETRESTRICT DRDoS Scanner', 'Description' = %q This module identifies NTP servers which permit "reslist" queries and obtains the list ...
SUSE CVE-2017-6460
Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response...
Denial Of Service (DoS)
ntp is vulnerable to denial of service. A NULL pointer dereference flaw was found in the way ntpd processed ntpdc reslist commands that queried restriction lists with a large amount of entries. A remote attacker could potentially use this flaw to crash ntpd...
SUSE SLES12 Security Update : ntp (SUSE-SU-2017:1047-1)
This ntp update to version 4.2.8p10 fixes serveral issues. This updated enables leap smearing. See /usr/share/doc/packages/ntp/README.leapsmear for details. Security issues fixed bsc1030050 : - CVE-2017-6464: Denial of Service via Malformed Config - CVE-2017-6462: Buffer Overflow in DPTS Clock -...
Stack overflow
Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response...
DEBIAN-CVE-2017-6460
Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response...
CVE-2017-6460
Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response...
CVE-2017-6460
Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response...
Null pointer dereference
ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service NULL pointer dereference via a ntpdc reslist command...
DEBIAN-CVE-2015-7977
ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service NULL pointer dereference via a ntpdc reslist command...
ntp security and bug fix update
4.2.6p5-10 - don't accept server/peer packets with zero origin timestamp CVE-2015-8138 - fix crash with reslist command CVE-2015-7977, CVE-2015-7978 4.2.6p5-9 - fix crash with invalid logconfig command CVE-2015-5194 - fix crash when referencing disabled statistic type CVE-2015-5195 - don't hang i...
UBUNTU-CVE-2015-7977
ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service NULL pointer dereference via a ntpdc reslist command...
NTP Mode 7 GET_RESTRICT DRDoS Scanner
This module identifies NTP servers which permit "reslist" queries and obtains the list of restrictions placed on various network interfaces, networks or hosts. The reslist feature allows remote attackers to cause a distributed, reflected denial of service aka, "DRDoS" or traffic amplification via...