rpm package
suse/ntp&distro=SUSE Linux Enterprise Module for Legacy 15
pkg:rpm/suse/ntp&distro=SUSE%20Linux%20Enterprise%20Module%20for%20Legacy%2015
Vulnerabilities (3)
| CVE | Sev | CVSS | KEV | Affected versions | Fixed in | Published | Description |
|---|---|---|---|---|---|---|---|
| CVE-2019-8936 | — | < 4.2.8p13-4.6.1 | 4.2.8p13-4.6.1 | May 15, 2019 | NTP through 4.2.8p12 has a NULL Pointer Dereference. | ||
| CVE-2018-12327 | — | < 4.2.8p12-4.3.2 | 4.2.8p12-4.3.2 | Jun 20, 2018 | Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situa | ||
| CVE-2018-7170 | — | < 4.2.8p12-4.3.2 | 4.2.8p12-4.3.2 | Mar 6, 2018 | ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists |
- CVE-2019-8936May 15, 2019affected < 4.2.8p13-4.6.1fixed 4.2.8p13-4.6.1
NTP through 4.2.8p12 has a NULL Pointer Dereference.
- CVE-2018-12327Jun 20, 2018affected < 4.2.8p12-4.3.2fixed 4.2.8p12-4.3.2
Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situa
- CVE-2018-7170Mar 6, 2018affected < 4.2.8p12-4.3.2fixed 4.2.8p12-4.3.2
ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists