Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Desktop 11 SP4 package ntp, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (16)
CVE-2015-7705 — CVSS 9.8 (critical): The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large…
CVE-2015-7871 — CVSS 9.8 (critical): Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.
CVE-2015-7853 — CVSS 9.8 (critical): The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute…
CVE-2015-7849 — CVSS 8.8 (high): Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly…
CVE-2015-7854 — CVSS 8.8 (high): Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated…
CVE-2015-7704 — CVSS 7.5 (high): The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of…
CVE-2015-7848 — CVSS 7.5 (high): An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted…
CVE-2015-7691 — CVSS 7.5 (high): The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service…
CVE-2015-7701 — CVSS 7.5 (high): Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a…
CVE-2015-7692 — CVSS 7.5 (high): The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service…
CVE-2015-7703 — CVSS 7.5 (high): The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote…
CVE-2015-7702 — CVSS 6.5 (medium): The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service…
CVE-2015-7855 — CVSS 6.5 (medium): The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service…
CVE-2015-7850 — CVSS 6.5 (medium): ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or…
CVE-2015-7851 — CVSS 6.5 (medium): Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do…
CVE-2015-7852 — CVSS 5.9 (medium): ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6…