Max CVSS | 7.5 | Min CVSS | 3.5 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2018-7183 | 7.5 |
Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array.
|
20-07-2021 - 23:15 | 08-03-2018 - 20:29 | |
CVE-2018-7184 | 5.0 |
ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset
|
24-08-2020 - 17:37 | 06-03-2018 - 20:29 | |
CVE-2018-7185 | 5.0 |
The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association
|
24-08-2020 - 17:37 | 06-03-2018 - 20:29 | |
CVE-2018-7170 | 3.5 |
ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sy
|
18-06-2020 - 14:01 | 06-03-2018 - 20:29 | |
CVE-2018-7182 | 5.0 |
The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10.
|
31-10-2019 - 19:15 | 06-03-2018 - 20:29 | |
CVE-2016-1549 | 4.0 |
A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865
|
28-03-2018 - 01:29 | 06-01-2017 - 21:59 |