Search Results (Refine Search)

Search Parameters:
  • Results Type: Overview
  • Keyword (text search): cpe:2.3:a:ntp:ntp:4.2.7:p6:*:*:*:*:*:*
There are 6 matching records.
Displaying matches 1 through 6.
Vuln ID Summary CVSS Severity
CVE-2016-2519

ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (ntpd abort) by a large request data value, which triggers the ctl_getitem function to return a NULL value.

Published: January 30, 2017; 4:59:01 PM -0500
V3.0: 5.9 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2016-2517

NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (prevent subsequent authentication) by leveraging knowledge of the controlkey or requestkey and sending a crafted packet to ntpd, which changes the value of trustedkey, controlkey, or requestkey. NOTE: this vulnerability exists because of a CVE-2016-2516 regression.

Published: January 30, 2017; 4:59:01 PM -0500
V3.0: 5.3 MEDIUM
V2.0: 4.9 MEDIUM
CVE-2016-2516

NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7 is enabled, allows remote attackers to cause a denial of service (ntpd abort) by using the same IP address multiple times in an unconfig directive.

Published: January 30, 2017; 4:59:01 PM -0500
V3.0: 5.3 MEDIUM
V2.0: 7.1 HIGH
CVE-2015-8140

The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sniffing the network.

Published: January 30, 2017; 4:59:00 PM -0500
V3.0: 4.8 MEDIUM
V2.0: 5.8 MEDIUM
CVE-2015-8139

ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified vectors.

Published: January 30, 2017; 4:59:00 PM -0500
V3.0: 5.3 MEDIUM
V2.0: 5.0 MEDIUM
CVE-2016-7434

The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.

Published: January 13, 2017; 11:59:00 AM -0500
V3.1: 7.5 HIGH
V2.0: 4.3 MEDIUM