Vulnerabilities > NTP > NTP > 4.3.80
DATE | CVE | VULNERABILITY TITLE | RISK |
---|---|---|---|
2020-06-04 | CVE-2020-13817 | Use of Insufficiently Random Values vulnerability in multiple products ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. | 5.8 |
2018-03-06 | CVE-2018-7170 | Unspecified vulnerability in NTP ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. | 3.5 |
2017-03-27 | CVE-2017-6464 | Improper Input Validation vulnerability in NTP NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed mode configuration directive. | 4.0 |
2017-03-27 | CVE-2017-6463 | Improper Input Validation vulnerability in NTP NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a :config directive, related to the unpeer option. | 4.0 |
2017-03-27 | CVE-2017-6462 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in NTP Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device. | 4.6 |
2017-03-27 | CVE-2017-6460 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in NTP Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response. | 6.5 |
2017-03-27 | CVE-2017-6459 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in NTP The Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via vectors related to an argument with multiple null bytes. | 2.1 |
2017-03-27 | CVE-2017-6458 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in multiple products Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable. | 8.8 |
2017-03-27 | CVE-2017-6455 | Code Injection vulnerability in NTP NTP before 4.2.8p10 and 4.3.x before 4.3.94, when using PPSAPI, allows local users to gain privileges via a DLL in the PPSAPI_DLLS environment variable. | 4.4 |
2017-03-27 | CVE-2017-6452 | Improper Restriction of Operations within the Bounds of a Memory Buffer vulnerability in NTP Stack-based buffer overflow in the Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via an application path on the command line. | 4.6 |