VYPR

Ntpd Rs

by Pendulum Project

Source repositories

CVEs (4)

  • CVE-2024-38528HigJun 28, 2024
    risk 0.42cvss 7.5epss 0.01

    nptd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. There is a missing limit for accepted NTS-KE connections. This allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server…

  • CVE-2025-58066MedAug 29, 2025
    risk 0.27cvss 5.3epss 0.00

    nptd-rs is a tool for synchronizing your computer's clock, implementing the NTP and NTS protocols. In versions between 1.2.0 and 1.6.1 inclusive servers which allow non-NTS traffic are affected by a denial of service vulnerability, where an attacker can induce a message storm…

  • CVE-2026-26076Feb 12, 2026
    risk 0.00cvss epss 0.00

    ntpd-rs is a full-featured implementation of the Network Time Protocol. Prior to 1.7.1, an attacker can remotely induce moderate increases (2-4 times above normal) in cpu usage. When having NTS enabled on an ntpd-rs server, an attacker can create malformed NTS packets that take…

  • CVE-2023-33192May 27, 2023
    risk 0.00cvss epss 0.01

    ntpd-rs is an NTP implementation written in Rust. ntpd-rs does not validate the length of NTS cookies in received NTP packets to the server. An attacker can crash the server by sending a specially crafted NTP packet containing a cookie shorter than what the server expects. The…