yast2-ntp-client (SUSE:Linux Enterprise Software Development Kit 12 SP1) — known CVEs & security advisories
Known CVE vulnerabilities and GitHub Security Advisories affecting the SUSE:Linux Enterprise Software Development Kit 12 SP1 package yast2-ntp-client, with affected version ranges, CVSS severity, EPSS exploit prediction, and CISA KEV status.
CVEs (12)
CVE-2015-7974 — CVSS 7.7 (high): NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might…
CVE-2015-5300 — CVSS 7.5 (high): The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128…
CVE-2015-7978 — CVSS 7.5 (high): NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers to cause a denial of service (stack exhaustion) via an ntpdc relist…
CVE-2015-7979 — CVSS 7.5 (high): NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by…
CVE-2015-7973 — CVSS 6.5 (medium): NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks…
CVE-2015-7975 — CVSS 6.2 (medium): The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an…
CVE-2015-7977 — CVSS 5.9 (medium): ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a…
CVE-2015-8158 — CVSS 5.9 (medium): The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of…
CVE-2015-8138 — CVSS 5.3 (medium): NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin…
CVE-2015-8139 — CVSS 5.3 (medium): ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified vectors.
CVE-2015-8140 — CVSS 4.8 (medium): The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sniffing the network.
CVE-2015-7976 — CVSS 4.3 (medium): The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special…