| CVE-2018-12327 |
AVG-723 |
Medium |
No |
Arbitrary code execution |
Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a... |
| CVE-2018-8956 |
AVG-1151 |
Low |
Yes |
Denial of service |
ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP... |
| CVE-2018-7185 |
AVG-647 |
Medium |
Yes |
Denial of service |
The NTP Protocol allows for both non-authenticated and authenticated associations, in client/server, symmetric (peer), and several broadcast modes. In... |
| CVE-2018-7184 |
AVG-647 |
Medium |
Yes |
Denial of service |
The fix for NtpBug2952 was incomplete, and while it fixed one problem it created another. Specifically, it drops bad packets before updating the "received"... |
| CVE-2018-7183 |
AVG-647 |
High |
Yes |
Arbitrary code execution |
ntpq is a monitoring and control program for ntpd. decodearr() is an internal function of ntpq that is used to -- wait for it -- decode an array in a... |
| CVE-2018-7182 |
AVG-647 |
Medium |
Yes |
Denial of service |
ctl_getitem() is used by ntpd to process incoming mode 6 packets. A malicious mode 6 packet can be sent to an ntpd instance, and if the ntpd instance is... |
| CVE-2018-7170 |
AVG-647 |
High |
Yes |
Content spoofing |
ntpd can be vulnerable to Sybil attacks. If a system is set up to use a trustedkey and if one is not using the feature introduced in ntp-4.2.8p6 allowing an... |
| CVE-2016-9312 |
AVG-81 |
High |
Yes |
Denial of service |
If a vulnerable instance of ntpd on Windows receives a crafted malicious packet that is "too big", ntpd will stop working. |
| CVE-2016-9311 |
AVG-79 |
Medium |
Yes |
Denial of service |
ntpd does not enable trap service by default. If trap service has been explicitly enabled, an attacker can send a specially crafted packet to cause a null... |
| CVE-2016-9311 |
AVG-80 |
Medium |
Yes |
Denial of service |
ntpd does not enable trap service by default. If trap service has been explicitly enabled, an attacker can send a specially crafted packet to cause a null... |
| CVE-2016-9310 |
AVG-79 |
High |
Yes |
Denial of service |
An exploitable configuration modification vulnerability exists in the control mode (mode 6) functionality of ntpd. If, against long-standing BCP... |
| CVE-2016-9310 |
AVG-80 |
High |
Yes |
Denial of service |
An exploitable configuration modification vulnerability exists in the control mode (mode 6) functionality of ntpd. If, against long-standing BCP... |
| CVE-2016-7434 |
AVG-79 |
Medium |
Yes |
Denial of service |
If ntpd is configured to allow mrulist query requests from a server that sends a crafted malicious packet, ntpd will crash on receipt of that crafted... |
| CVE-2016-7434 |
AVG-80 |
Medium |
Yes |
Denial of service |
If ntpd is configured to allow mrulist query requests from a server that sends a crafted malicious packet, ntpd will crash on receipt of that crafted... |
| CVE-2016-7433 |
AVG-79 |
Low |
Yes |
Incorrect calculation |
ntpd Bug 2085 described a condition where the root delay was included twice, causing the jitter value to be higher than expected. Due to a misinterpretation... |
| CVE-2016-7433 |
AVG-80 |
Low |
Yes |
Incorrect calculation |
ntpd Bug 2085 described a condition where the root delay was included twice, causing the jitter value to be higher than expected. Due to a misinterpretation... |
| CVE-2016-7431 |
AVG-79 |
Medium |
Yes |
Insufficient validation |
Zero Origin timestamp problems were fixed by Bug 2945 in ntp-4.2.8p6. However, subsequent timestamp validation checks introduced a regression in the... |
| CVE-2016-7431 |
AVG-80 |
Medium |
Yes |
Insufficient validation |
Zero Origin timestamp problems were fixed by Bug 2945 in ntp-4.2.8p6. However, subsequent timestamp validation checks introduced a regression in the... |
| CVE-2016-7429 |
AVG-79 |
Low |
Yes |
Denial of service |
When ntpd receives a server response on a socket that corresponds to a different interface than was used for the request, the peer structure is updated to... |
| CVE-2016-7429 |
AVG-80 |
Low |
Yes |
Denial of service |
When ntpd receives a server response on a socket that corresponds to a different interface than was used for the request, the peer structure is updated to... |
| CVE-2016-7428 |
AVG-80 |
Medium |
Yes |
Denial of service |
The broadcast mode of NTP is expected to only be used in a trusted network. If the broadcast network is accessible to an attacker, a potentially exploitable... |
| CVE-2016-7428 |
AVG-79 |
Medium |
Yes |
Denial of service |
The broadcast mode of NTP is expected to only be used in a trusted network. If the broadcast network is accessible to an attacker, a potentially exploitable... |
| CVE-2016-7427 |
AVG-80 |
Medium |
Yes |
Denial of service |
The broadcast mode of NTP is expected to only be used in a trusted network. If the broadcast network is accessible to an attacker, a potentially exploitable... |
| CVE-2016-7427 |
AVG-79 |
Medium |
Yes |
Denial of service |
The broadcast mode of NTP is expected to only be used in a trusted network. If the broadcast network is accessible to an attacker, a potentially exploitable... |
| CVE-2016-7426 |
AVG-79 |
Low |
Yes |
Denial of service |
When ntpd is configured with rate limiting for all associations (restrict default limited in ntp.conf), the limits are applied also to responses received... |
| CVE-2016-7426 |
AVG-80 |
Low |
Yes |
Denial of service |
When ntpd is configured with rate limiting for all associations (restrict default limited in ntp.conf), the limits are applied also to responses received... |
| CVE-2016-1549 |
AVG-647 |
Medium |
Yes |
Content spoofing |
A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and... |