Ntp

Ntp

99 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
5.3

CVE-2015-5146

  • EPSS 1.45%
  • Published 24.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash...

7.5

CVE-2015-3405

  • EPSS 6.21%
  • Published 09.08.2017 16:29:00
  • Last modified 20.04.2025 01:37:25

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remot...

8.8

CVE-2015-7854

  • EPSS 4.19%
  • Published 07.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.

7.5

CVE-2015-7691

  • EPSS 6.22%
  • Published 07.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to a...

7.5

CVE-2015-7692

  • EPSS 6.32%
  • Published 07.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.

7.5

CVE-2015-7701

  • EPSS 7.8%
  • Published 07.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).

6.5

CVE-2015-7702

  • EPSS 1.42%
  • Published 07.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.

7.5

CVE-2015-7704

  • EPSS 22.61%
  • Published 07.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.

9.8

CVE-2015-7705

  • EPSS 25%
  • Published 07.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.

6.5

CVE-2015-7850

  • EPSS 2.8%
  • Published 07.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.