Search CVE reports
11 – 20 of 107 results
CVE-2018-8956
Low priorityntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets. The attacker must either be...
1 affected package
ntp
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ntp | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
CVE-2020-11868
Low priorityntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a...
2 affected packages
ntp, ntpsec
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ntp | Not in release | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation |
ntpsec | Needs evaluation | Needs evaluation | Needs evaluation | Needs evaluation | Not in release |
CVE-2015-7851
Medium priorityDirectory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use '\' or '/' characters for directory separation such as OpenVMS, allows remote...
1 affected package
ntp
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ntp | — | — | — | — | — |
CVE-2014-5209
Low priorityAn Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.
1 affected package
ntp
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ntp | Not in release | Not affected | Not affected | Not affected | Not affected |
CVE-2019-8936
Medium prioritySome fixes available 6 of 9
NTP through 4.2.8p12 has a NULL Pointer Dereference.
1 affected package
ntp
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ntp | — | Fixed | Fixed | Fixed | Not affected |
CVE-2019-6445
Medium priorityAn issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem.
1 affected package
ntpsec
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ntpsec | — | — | — | Fixed | Not in release |
CVE-2019-6444
Medium priorityAn issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd.
1 affected package
ntpsec
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ntpsec | — | — | — | Fixed | Not in release |
CVE-2019-6443
Medium priorityAn issue was discovered in NTPsec before 1.1.3. Because of a bug in ctl_getitem, there is a stack-based buffer over-read in read_sysvars in ntp_control.c in ntpd.
1 affected package
ntpsec
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ntpsec | — | — | — | Fixed | Not in release |
CVE-2019-6442
Medium priorityAn issue was discovered in NTPsec before 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to config_remotely in ntp_config.c, yyparse in ntp_parser.tab.c, and...
1 affected package
ntpsec
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ntpsec | — | — | — | Fixed | Not in release |
CVE-2018-12327
Negligible prioritySome fixes available 3 of 5
Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter....
1 affected package
ntp
Package | 24.04 LTS | 22.04 LTS | 20.04 LTS | 18.04 LTS | 16.04 LTS |
---|---|---|---|---|---|
ntp | — | Not affected | Not affected | Fixed | Fixed |