|Max CVSS||7.1||Min CVSS||5.0||Total Count||2|
|ID||CVSS||Summary||Last (major) update||Published|
ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted packet.
|24-01-2019 - 11:29||13-01-2017 - 16:59|
The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.
|18-05-2018 - 01:29||30-01-2017 - 21:59|
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
|18-05-2018 - 01:29||07-08-2017 - 20:29|
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.
|21-11-2017 - 02:29||30-01-2017 - 21:59|
The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets.
|10-11-2017 - 02:29||20-12-2014 - 02:59|