Vulnerabilities (CVE)

Filtered by vendor Ntp Subscribe
Filtered by product Ntp
Total 99 CVE
CVE Vendors Products Updated CVSS v2 CVSS v3
CVE-2016-7429 1 Ntp 1 Ntp 2025-04-20 4.3 MEDIUM 3.7 LOW
NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denial of service (prevent communication with a source) by sending a response for a source to an interface the source does not use.
CVE-2016-1548 1 Ntp 1 Ntp 2025-04-20 6.4 MEDIUM 7.2 HIGH
An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.
CVE-2016-7431 1 Ntp 1 Ntp 2025-04-20 5.0 MEDIUM 5.3 MEDIUM
NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression.
CVE-2016-1550 1 Ntp 1 Ntp 2025-04-20 5.0 MEDIUM 5.3 MEDIUM
An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key.
CVE-2016-1547 1 Ntp 1 Ntp 2025-04-20 5.0 MEDIUM 5.3 MEDIUM
An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled.
CVE-2016-9310 1 Ntp 1 Ntp 2025-04-20 6.4 MEDIUM 6.5 MEDIUM
The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet.
CVE-2015-7977 8 Canonical, Debian, Fedoraproject and 5 more 12 Ubuntu Linux, Debian Linux, Fedora and 9 more 2025-04-20 4.3 MEDIUM 5.9 MEDIUM
ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.
CVE-2015-7855 4 Debian, Netapp, Ntp and 1 more 11 Debian Linux, Clustered Data Ontap, Data Ontap and 8 more 2025-04-20 4.0 MEDIUM 6.5 MEDIUM
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
CVE-2017-6452 1 Ntp 1 Ntp 2025-04-20 4.6 MEDIUM 7.8 HIGH
Stack-based buffer overflow in the Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via an application path on the command line.
CVE-2017-6458 4 Apple, Hpe, Ntp and 1 more 5 Mac Os X, Hpux-ntp, Ntp and 2 more 2025-04-20 6.5 MEDIUM 8.8 HIGH
Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable.
CVE-2015-7973 5 Canonical, Freebsd, Netapp and 2 more 9 Ubuntu Linux, Freebsd, Clustered Data Ontap and 6 more 2025-04-20 5.8 MEDIUM 6.5 MEDIUM
NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.
CVE-2016-1549 1 Ntp 1 Ntp 2025-04-20 4.0 MEDIUM 6.5 MEDIUM
A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock.
CVE-2015-5146 3 Debian, Fedoraproject, Ntp 3 Debian Linux, Fedora, Ntp 2025-04-20 3.5 LOW 5.3 MEDIUM
ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash) via a NULL byte in a crafted configuration directive packet.
CVE-2017-6464 1 Ntp 1 Ntp 2025-04-20 4.0 MEDIUM 6.5 MEDIUM
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed mode configuration directive.
CVE-2015-8158 1 Ntp 1 Ntp 2025-04-20 4.3 MEDIUM 5.9 MEDIUM
The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (infinite loop) via crafted packets with incorrect values.
CVE-2015-5300 7 Canonical, Debian, Fedoraproject and 4 more 20 Ubuntu Linux, Debian Linux, Fedora and 17 more 2025-04-20 5.0 MEDIUM 7.5 HIGH
The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).
CVE-2015-7871 3 Debian, Netapp, Ntp 7 Debian Linux, Clustered Data Ontap, Data Ontap and 4 more 2025-04-20 7.5 HIGH 9.8 CRITICAL
Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.
CVE-2015-7692 5 Debian, Netapp, Ntp and 2 more 13 Debian Linux, Clustered Data Ontap, Data Ontap and 10 more 2025-04-20 5.0 MEDIUM 7.5 HIGH
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.
CVE-2016-9311 1 Ntp 1 Ntp 2025-04-20 7.1 HIGH 5.9 MEDIUM
ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted packet.
CVE-2015-7703 5 Debian, Netapp, Ntp and 2 more 13 Debian Linux, Clustered Data Ontap, Data Ontap and 10 more 2025-04-20 4.3 MEDIUM 7.5 HIGH
The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command.