CVEInsight.

Free vulnerability intelligence for developers, security teams, and researchers. Data sourced from public databases for informational purposes only.

Explore

Legal

CVE data sourced from NVD / NIST & public disclosures.

hpe

hpux-ntp

4 known vulnerabilities · sorted by CVSS score

CVE-2019-8936

HIGH7.5

NTP through 4.2.8p12 has a NULL Pointer Dereference.

netapp / clustered_data_ontap+34

Network

Published May 15, 2019

CVE-2018-7185

HIGH7.5

The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association.

ntp / ntp+49

Network

Published Mar 6, 2018

CVE-2016-9042

MEDIUM5.9

An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.

ntp / ntp+4

Network

Published Jun 4, 2018

CVE-2018-7170

MEDIUM5.3

ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-2016-1549.

ntp / ntp+29

Network

Published Mar 6, 2018