Max CVSS | 5.8 | Min CVSS | 2.1 | Total Count | 2 |
ID | CVSS | Summary | Last (major) update | Published | |
CVE-2015-7977 | 4.3 |
ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.
|
01-02-2022 - 18:13 | 30-01-2017 - 21:59 | |
CVE-2015-8138 | 5.0 |
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.
|
17-11-2021 - 22:15 | 30-01-2017 - 21:59 | |
CVE-2015-7973 | 5.8 |
NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.
|
26-04-2021 - 17:42 | 30-01-2017 - 21:59 | |
CVE-2015-7979 | 5.0 |
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.
|
15-04-2021 - 21:15 | 30-01-2017 - 21:59 | |
CVE-2015-7976 | 4.0 |
The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.
|
30-10-2018 - 16:27 | 30-01-2017 - 21:59 | |
CVE-2015-7978 | 5.0 |
NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers to cause a denial of service (stack exhaustion) via an ntpdc relist command, which triggers recursive traversal of the restriction list.
|
18-05-2018 - 01:29 | 30-01-2017 - 21:59 | |
CVE-2015-8139 | 5.0 |
ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified vectors.
|
21-11-2017 - 02:29 | 30-01-2017 - 21:59 | |
CVE-2015-8140 | 5.8 |
The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sniffing the network.
|
21-11-2017 - 02:29 | 30-01-2017 - 21:59 | |
CVE-2015-7975 | 2.1 |
The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash).
|
21-11-2017 - 02:29 | 30-01-2017 - 21:59 |