Bugs fixes in "ntp"
| Origin | Bug number | Title | Date fixed |
|---|---|---|---|
| CVE | CVE-2018-7183 | Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an | 2018-07-09 |
| CVE | CVE-2018-7185 | The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet | 2018-07-09 |
| CVE | CVE-2018-7184 | ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of se | 2018-07-09 |
| CVE | CVE-2018-7183 | Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an | 2018-07-09 |
| CVE | CVE-2018-7182 | The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted | 2018-07-09 |
| Launchpad | 1749389 | ntpdate lock apparmor deny | 2018-02-22 |
| Launchpad | 1749389 | ntpdate lock apparmor deny | 2018-02-14 |
| Launchpad | 1593907 | ntpdate startup routine prevents ntp service from launching up on Ubuntu 16.04 server on system boot; manually starting ntp service works: [FIX in DE | 2017-07-28 |
| Launchpad | 1593907 | ntpdate startup routine prevents ntp service from launching up on Ubuntu 16.04 server on system boot; manually starting ntp service works: [FIX in DE | 2017-07-12 |
| CVE | CVE-2017-6464 | NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed mode configuration dire | 2017-07-05 |
| CVE | CVE-2017-6463 | NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a | 2017-07-05 |
| CVE | CVE-2017-6462 | Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users | 2017-07-05 |
| CVE | CVE-2017-6460 | Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified imp | 2017-07-05 |
| CVE | CVE-2017-6458 | Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecifi | 2017-07-05 |
| CVE | CVE-2016-9311 | ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and cras | 2017-07-05 |
| CVE | CVE-2016-9310 | The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet | 2017-07-05 |
| CVE | CVE-2016-7434 | The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query. | 2017-07-05 |
| CVE | CVE-2016-7433 | NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, | 2017-07-05 |
| CVE | CVE-2016-7429 | NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denia | 2017-07-05 |
| CVE | CVE-2016-7428 | ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via the poll interval in a broadcast | 2017-07-05 |
About
-
Send Feedback to @ubuntu_updates
