ntp

Link package | bugs open | bugs closed | Wiki | GitHub | web search
Description Network Time Protocol reference implementation
Version 4.2.8.p11-2 [extra]

Resolved

Group Affected Fixed Severity Status Ticket
AVG-647 4.2.8.p10-1 4.2.8.p11-1 High Fixed
AVG-81 4.2.8.p8-1 4.2.8.p9-1 High Not affected
AVG-80 4.2.8.p8-1 4.2.8.p9-1 High Fixed
AVG-79 4.2.8.p8-1 4.2.8.p9-1 High Fixed
Issue Group Severity Remote Type Description
CVE-2018-7185 AVG-647 Medium Yes Denial of service
The NTP Protocol allows for both non-authenticated and authenticated associations, in client/server, symmetric (peer), and several broadcast modes. In...
CVE-2018-7184 AVG-647 Medium Yes Denial of service
The fix for NtpBug2952 was incomplete, and while it fixed one problem it created another. Specifically, it drops bad packets before updating the "received"...
CVE-2018-7183 AVG-647 High Yes Arbitrary code execution
ntpq is a monitoring and control program for ntpd. decodearr() is an internal function of ntpq that is used to -- wait for it -- decode an array in a...
CVE-2018-7182 AVG-647 Medium Yes Denial of service
ctl_getitem() is used by ntpd to process incoming mode 6 packets. A malicious mode 6 packet can be sent to an ntpd instance, and if the ntpd instance is...
CVE-2018-7170 AVG-647 High Yes Content spoofing
ntpd can be vulnerable to Sybil attacks. If a system is set up to use a trustedkey and if one is not using the feature introduced in ntp-4.2.8p6 allowing an...
CVE-2016-9312 AVG-81 High Yes Denial of service
If a vulnerable instance of ntpd on Windows receives a crafted malicious packet that is "too big", ntpd will stop working.
CVE-2016-9311 AVG-80 Medium Yes Denial of service
ntpd does not enable trap service by default. If trap service has been explicitly enabled, an attacker can send a specially crafted packet to cause a null...
CVE-2016-9311 AVG-79 Medium Yes Denial of service
ntpd does not enable trap service by default. If trap service has been explicitly enabled, an attacker can send a specially crafted packet to cause a null...
CVE-2016-9310 AVG-79 High Yes Denial of service
An exploitable configuration modification vulnerability exists in the control mode (mode 6) functionality of ntpd. If, against long-standing BCP...
CVE-2016-9310 AVG-80 High Yes Denial of service
An exploitable configuration modification vulnerability exists in the control mode (mode 6) functionality of ntpd. If, against long-standing BCP...
CVE-2016-7434 AVG-79 Medium Yes Denial of service
If ntpd is configured to allow mrulist query requests from a server that sends a crafted malicious packet, ntpd will crash on receipt of that crafted...
CVE-2016-7434 AVG-80 Medium Yes Denial of service
If ntpd is configured to allow mrulist query requests from a server that sends a crafted malicious packet, ntpd will crash on receipt of that crafted...
CVE-2016-7433 AVG-80 Low Yes Incorrect calculation
ntpd Bug 2085 described a condition where the root delay was included twice, causing the jitter value to be higher than expected. Due to a misinterpretation...
CVE-2016-7433 AVG-79 Low Yes Incorrect calculation
ntpd Bug 2085 described a condition where the root delay was included twice, causing the jitter value to be higher than expected. Due to a misinterpretation...
CVE-2016-7431 AVG-79 Medium Yes Insufficient validation
Zero Origin timestamp problems were fixed by Bug 2945 in ntp-4.2.8p6. However, subsequent timestamp validation checks introduced a regression in the...
CVE-2016-7431 AVG-80 Medium Yes Insufficient validation
Zero Origin timestamp problems were fixed by Bug 2945 in ntp-4.2.8p6. However, subsequent timestamp validation checks introduced a regression in the...
CVE-2016-7429 AVG-80 Low Yes Denial of service
When ntpd receives a server response on a socket that corresponds to a different interface than was used for the request, the peer structure is updated to...
CVE-2016-7429 AVG-79 Low Yes Denial of service
When ntpd receives a server response on a socket that corresponds to a different interface than was used for the request, the peer structure is updated to...
CVE-2016-7428 AVG-79 Medium Yes Denial of service
The broadcast mode of NTP is expected to only be used in a trusted network. If the broadcast network is accessible to an attacker, a potentially exploitable...
CVE-2016-7428 AVG-80 Medium Yes Denial of service
The broadcast mode of NTP is expected to only be used in a trusted network. If the broadcast network is accessible to an attacker, a potentially exploitable...
CVE-2016-7427 AVG-79 Medium Yes Denial of service
The broadcast mode of NTP is expected to only be used in a trusted network. If the broadcast network is accessible to an attacker, a potentially exploitable...
CVE-2016-7427 AVG-80 Medium Yes Denial of service
The broadcast mode of NTP is expected to only be used in a trusted network. If the broadcast network is accessible to an attacker, a potentially exploitable...
CVE-2016-7426 AVG-80 Low Yes Denial of service
When ntpd is configured with rate limiting for all associations (restrict default limited in ntp.conf), the limits are applied also to responses received...
CVE-2016-7426 AVG-79 Low Yes Denial of service
When ntpd is configured with rate limiting for all associations (restrict default limited in ntp.conf), the limits are applied also to responses received...
CVE-2016-1549 AVG-647 Medium Yes Content spoofing
A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and...

Advisories

Date Advisory Group Severity Description
16 Mar 2018 ASA-201803-11 AVG-647 High multiple issues
26 Nov 2016 ASA-201611-28 AVG-79 High multiple issues