This CPE summary could be partial or incomplete. Please contact us for a detailed listing.

Summary

Detail
Vendor Ntp First view 2016-01-26
Product Ntp Last view 2020-06-24
Version 4.2.8 Type Application
Update p5  
Edition *  
Language *  
Sofware Edition *  
Target Software *  
Target Hardware *  
Other *  
 
CPE Product cpe:2.3:a:ntp:ntp

Activity : Overall

Related : CVE

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
  Date Alert Description
4.9 2020-06-24 CVE-2020-15025

ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file.

7.4 2020-06-04 CVE-2020-13817

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.

7.5 2020-04-17 CVE-2020-11868

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.

6.5 2020-01-28 CVE-2015-7851

Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use '\' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files.

7.5 2019-05-15 CVE-2019-8936

NTP through 4.2.8p12 has a NULL Pointer Dereference.

7.5 2018-03-06 CVE-2018-7185

The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association.

7.5 2018-03-06 CVE-2018-7184

ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704.

5.3 2018-03-06 CVE-2018-7170

ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-2016-1549.

5.3 2017-08-24 CVE-2015-5146

ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash) via a NULL byte in a crafted configuration directive packet.

9.8 2017-08-07 CVE-2015-7871

Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.

6.5 2017-08-07 CVE-2015-7855

The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.

8.8 2017-08-07 CVE-2015-7854

Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.

9.8 2017-08-07 CVE-2015-7853

The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.

5.9 2017-08-07 CVE-2015-7852

ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.

6.5 2017-08-07 CVE-2015-7850

ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.

8.8 2017-08-07 CVE-2015-7849

Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.

9.8 2017-08-07 CVE-2015-7705

The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.

7.5 2017-08-07 CVE-2015-7704

The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.

6.5 2017-08-07 CVE-2015-7702

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.

7.5 2017-08-07 CVE-2015-7701

Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).

7.5 2017-08-07 CVE-2015-7692

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.

7.5 2017-08-07 CVE-2015-7691

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.

7.5 2017-07-24 CVE-2015-7703

The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command.

7.5 2017-07-21 CVE-2015-5300

The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).

5.9 2017-01-30 CVE-2016-2519

ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (ntpd abort) by a large request data value, which triggers the ctl_getitem function to return a NULL value.

CWE : Common Weakness Enumeration

%idName
33% (15) CWE-20 Improper Input Validation
8% (4) CWE-400 Uncontrolled Resource Consumption ('Resource Exhaustion')
6% (3) CWE-476 NULL Pointer Dereference
6% (3) CWE-287 Improper Authentication
4% (2) CWE-362 Race Condition
4% (2) CWE-284 Access Control (Authorization) Issues
4% (2) CWE-254 Security Features
4% (2) CWE-120 Buffer Copy without Checking Size of Input ('Classic Buffer Overflo...
4% (2) CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer
2% (1) CWE-772 Missing Release of Resource after Effective Lifetime
2% (1) CWE-682 Incorrect Calculation
2% (1) CWE-416 Use After Free
2% (1) CWE-401 Failure to Release Memory Before Removing Last Reference ('Memory L...
2% (1) CWE-399 Resource Management Errors
2% (1) CWE-361 Time and State
2% (1) CWE-125 Out-of-bounds Read
2% (1) CWE-22 Improper Limitation of a Pathname to a Restricted Directory ('Path ...
2% (1) CWE-19 Data Handling
2% (1) CWE-18 Source Code

Snort® IPS/IDS

Date Description
2018-05-22 Multiple Vendors NTP zero-origin timestamp denial of service attempt
RuleID : 46387 - Type : SERVER-OTHER - Revision : 3
2017-01-04 ntpd mrulist control message command null pointer dereference attempt
RuleID : 40897 - Type : SERVER-OTHER - Revision : 3
2016-12-29 ntpd mrulist control message command null pointer dereference attempt
RuleID : 40864 - Type : SERVER-OTHER - Revision : 3
2016-12-29 ntpd mrulist control message command null pointer dereference attempt
RuleID : 40863 - Type : SERVER-OTHER - Revision : 3
2016-12-29 ntpd mrulist control message command null pointer dereference attempt
RuleID : 40862 - Type : SERVER-OTHER - Revision : 3
2016-12-29 ntpd mrulist control message command null pointer dereference attempt
RuleID : 40861 - Type : SERVER-OTHER - Revision : 3
2016-12-29 ntpd mrulist control message command null pointer dereference attempt
RuleID : 40860 - Type : SERVER-OTHER - Revision : 3
2016-12-29 ntpd mrulist control message command null pointer dereference attempt
RuleID : 40859 - Type : SERVER-OTHER - Revision : 3
2016-12-29 ntpd mrulist control message command null pointer dereference attempt
RuleID : 40858 - Type : SERVER-OTHER - Revision : 3
2016-12-29 ntpd mrulist control message command null pointer dereference attempt
RuleID : 40857 - Type : SERVER-OTHER - Revision : 3
2016-12-29 ntpd mrulist control message command null pointer dereference attempt
RuleID : 40856 - Type : SERVER-OTHER - Revision : 3
2016-12-29 ntpd mrulist control message command null pointer dereference attempt
RuleID : 40855 - Type : SERVER-OTHER - Revision : 3
2016-12-20 NTP origin timestamp denial of service attempt
RuleID : 40811 - Type : SERVER-OTHER - Revision : 4
2016-03-14 NTP crypto-NAK possible DoS attempt
RuleID : 37843 - Type : SERVER-OTHER - Revision : 4
2016-03-14 NTP arbitrary pidfile and driftfile overwrite attempt
RuleID : 37526 - Type : SERVER-OTHER - Revision : 3
2016-03-14 NTP arbitrary pidfile and driftfile overwrite attempt
RuleID : 37525 - Type : SERVER-OTHER - Revision : 4
2016-03-14 NTP decodenetnum assertion failure denial of service attempt
RuleID : 36633 - Type : SERVER-OTHER - Revision : 3
2016-03-14 NTP decodenetnum assertion failure denial of service attempt
RuleID : 36632 - Type : SERVER-OTHER - Revision : 3
2016-03-14 NTP crypto-NAK packet flood attempt
RuleID : 36536 - Type : SERVER-OTHER - Revision : 5
2015-10-01 ntpd saveconfig directory traversal attempt
RuleID : 36253 - Type : SERVER-OTHER - Revision : 5
2015-10-01 ntpd remote configuration denial of service attempt
RuleID : 36252 - Type : SERVER-OTHER - Revision : 4
2015-10-01 ntpq atoascii memory corruption attempt
RuleID : 36251 - Type : SERVER-OTHER - Revision : 4
2015-10-01 ntpd keyfile buffer overflow attempt
RuleID : 36250 - Type : SERVER-OTHER - Revision : 4

Nessus® Vulnerability Scanner

This CPE have more than 25 Relations. If you want to see a complete summary for this CPE, please contact us.
id Description
2019-01-03 Name: The remote Fedora host is missing a security update.
File: fedora_2018-e585e25b72.nasl - Type: ACT_GATHER_INFO
2018-09-20 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1083.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2017-0003.nasl - Type: ACT_GATHER_INFO
2018-08-17 Name: The remote PhotonOS host is missing multiple security updates.
File: PhotonOS_PHSA-2018-1_0-0167.nasl - Type: ACT_GATHER_INFO
2018-05-29 Name: The remote Gentoo host is missing one or more security-related patches.
File: gentoo_GLSA-201805-12.nasl - Type: ACT_GATHER_INFO
2018-05-11 Name: The remote Amazon Linux 2 host is missing a security update.
File: al2_ALAS-2018-1009.nasl - Type: ACT_GATHER_INFO
2018-05-11 Name: The remote Amazon Linux AMI host is missing a security update.
File: ala_ALAS-2018-1009.nasl - Type: ACT_GATHER_INFO
2018-03-09 Name: The remote NTP server is affected by multiple vulnerabilities.
File: ntp_4_2_8p11.nasl - Type: ACT_GATHER_INFO
2018-03-02 Name: The remote Slackware host is missing a security update.
File: Slackware_SSA_2018-060-02.nasl - Type: ACT_GATHER_INFO
2018-02-28 Name: The version of Arista Networks EOS running on the remote device is affected b...
File: arista_eos_sa0019.nasl - Type: ACT_GATHER_INFO
2018-02-28 Name: The remote FreeBSD host is missing one or more security-related updates.
File: freebsd_pkg_af485ef41c5811e88477d05099c0ae8c.nasl - Type: ACT_GATHER_INFO
2018-01-03 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL17114.nasl - Type: ACT_GATHER_INFO
2017-10-27 Name: The remote OracleVM host is missing one or more security updates.
File: oraclevm_OVMSA-2017-0165.nasl - Type: ACT_GATHER_INFO
2017-10-23 Name: The remote device is affected by multiple vulnerabilities.
File: juniper_space_jsa_10826.nasl - Type: ACT_GATHER_INFO
2017-08-09 Name: The remote AIX host has a version of NTP installed that is affected by multip...
File: aix_ntp_v3_advisory4.nasl - Type: ACT_GATHER_INFO
2017-08-09 Name: The remote AIX host has a version of NTP installed that is affected by multip...
File: aix_ntp_v4_advisory4.nasl - Type: ACT_GATHER_INFO
2017-08-09 Name: The remote AIX host has a version of NTP installed that is affected by a data...
File: aix_ntp_v4_advisory5.nasl - Type: ACT_GATHER_INFO
2017-08-03 Name: The remote AIX host has a version of NTP installed that is affected by multip...
File: aix_ntp_v3_advisory7.nasl - Type: ACT_GATHER_INFO
2017-08-03 Name: The remote AIX host has a version of NTP installed that is affected by multip...
File: aix_ntp_v3_advisory8.nasl - Type: ACT_GATHER_INFO
2017-07-13 Name: The remote Virtuozzo host is missing a security update.
File: Virtuozzo_VZLSA-2017-0252.nasl - Type: ACT_GATHER_INFO
2017-07-10 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1124.nasl - Type: ACT_GATHER_INFO
2017-07-10 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2017-1125.nasl - Type: ACT_GATHER_INFO
2017-07-06 Name: The remote Ubuntu host is missing a security-related patch.
File: ubuntu_USN-3349-1.nasl - Type: ACT_GATHER_INFO
2017-05-12 Name: The remote device is missing a vendor-supplied security patch.
File: f5_bigip_SOL55405388.nasl - Type: ACT_GATHER_INFO
2017-05-01 Name: The remote EulerOS host is missing multiple security updates.
File: EulerOS_SA-2016-1060.nasl - Type: ACT_GATHER_INFO