VYPR

crates.io package

ntpd

pkg:cargo/ntpd

Vulnerabilities (2)

  • CVE-2024-38528HigJun 28, 2024
    affected >= 0.3.1, < 1.1.3fixed 1.1.3

    nptd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. There is a missing limit for accepted NTS-KE connections. This allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server conf

  • CVE-2023-33192May 27, 2023
    affected >= 0.3.0, < 0.3.3fixed 0.3.3

    ntpd-rs is an NTP implementation written in Rust. ntpd-rs does not validate the length of NTS cookies in received NTP packets to the server. An attacker can crash the server by sending a specially crafted NTP packet containing a cookie shorter than what the server expects. The se