UbuntuUpdates.org

Bugs fixes in "ntp"

Origin Bug number Title Date fixed
CVE CVE-2016-2519 ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (ntpd abort) by a large request data value, w 2017-07-05
CVE CVE-2017-6464 NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed mode configuration dire 2017-07-05
CVE CVE-2017-6463 NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a 2017-07-05
CVE CVE-2017-6462 Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users 2017-07-05
CVE CVE-2017-6458 Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecifi 2017-07-05
CVE CVE-2016-9311 ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and cras 2017-07-05
CVE CVE-2016-9310 The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet 2017-07-05
CVE CVE-2016-7429 NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denia 2017-07-05
CVE CVE-2016-7428 ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via the poll interval in a broadcast 2017-07-05
CVE CVE-2016-7427 The broadcast mode replay prevention functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadca 2017-07-05
CVE CVE-2016-7426 NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote 2017-07-05
CVE CVE-2017-6464 NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed mode configuration dire 2017-07-05
CVE CVE-2017-6463 NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a 2017-07-05
CVE CVE-2017-6462 Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users 2017-07-05
CVE CVE-2017-6460 Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified imp 2017-07-05
CVE CVE-2017-6458 Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecifi 2017-07-05
CVE CVE-2016-9311 ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and cras 2017-07-05
CVE CVE-2016-9310 The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet 2017-07-05
CVE CVE-2016-7434 The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query. 2017-07-05
CVE CVE-2016-7433 NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, 2017-07-05



About   -   Send Feedback to @ubuntu_updates