Lucene search

K
TuxfamilyChrony1.21

5 matches found

CVE
CVE
added 2010/02/08 8:30 p.m.76 views

CVE-2010-0292

The read_from_cmd_socket function in cmdmon.c in chronyd in Chrony before 1.23.1, and 1.24-pre1, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by sending a spoofed cmdmon packet that triggers a continuous exchange of NOHOSTACCESS messages between two daemons, ...

5CVSS6.7AI score0.85119EPSS
CVE
CVE
added 2010/02/08 8:30 p.m.65 views

CVE-2010-0293

The client logging functionality in chronyd in Chrony before 1.23.1 does not restrict the amount of memory used for storage of client information, which allows remote attackers to cause a denial of service (memory consumption) via spoofed (1) NTP or (2) cmdmon packets.

5CVSS6.5AI score0.01382EPSS
CVE
CVE
added 2010/02/08 8:30 p.m.62 views

CVE-2010-0294

chronyd in Chrony before 1.23.1, and possibly 1.24-pre1, generates a syslog message for each unauthorized cmdmon packet, which allows remote attackers to cause a denial of service (disk consumption) via a large number of invalid packets.

5CVSS6.5AI score0.01382EPSS
CVE
CVE
added 2013/11/05 9:55 p.m.59 views

CVE-2012-4503

cmdmon.c in Chrony before 1.29 allows remote attackers to obtain potentially sensitive information from stack memory via vectors related to (1) an invalid subnet in a RPY_SUBNETS_ACCESSED command to the handle_subnets_accessed function or (2) a RPY_CLIENT_ACCESSES command to the handle_client_acces...

5CVSS7.1AI score0.00403EPSS
CVE
CVE
added 2013/11/05 9:55 p.m.58 views

CVE-2012-4502

Multiple integer overflows in pktlength.c in Chrony before 1.29 allow remote attackers to cause a denial of service (crash) via a crafted (1) REQ_SUBNETS_ACCESSED or (2) REQ_CLIENT_ACCESSES command request to the PKL_CommandLength function or crafted (3) RPY_SUBNETS_ACCESSED, (4) RPY_CLIENT_ACCESSE...

5CVSS7.5AI score0.00946EPSS