Vulnerabilities (CVE)

Filtered by vendor Hpe Subscribe

Filtered by product Hpux-ntp

CVSS v3 Filter

ALL

NONE (0.0) LOW (0.1 - 3.9) MEDIUM (4.0 - 6.9) HIGH (7.0 - 8.9) CRITICAL (9.0 - 10.0)

Search

Total 2 CVE

CVE	Vendors	Products	Updated	CVSS v2	CVSS v3
CVE-2016-9042	4 Freebsd, Hpe, Ntp and 1 more	5 Freebsd, Hpux-ntp, Ntp and 2 more	2021-06-08	4.3 MEDIUM	5.9 MEDIUM
An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.
CVE-2018-7170	4 Hpe, Netapp, Ntp and 1 more	10 Hpux-ntp, Hci, Solidfire and 7 more	2020-06-18	3.5 LOW	5.3 MEDIUM
ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-2016-1549.