Total vulnerabilities in the database
ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
| Software | From | Fixed in |
|---|---|---|
| ntp / ntp | - | 4.2.2p4.x |
| ntp / ntp | 4.2.2 | 4.2.2.x |
| ntp / ntp | 4.2.0 | 4.2.0.x |
| ntp / ntp | 4.0.98 | 4.0.98.x |
| ntp / ntp | 4.0.72 | 4.0.72.x |
| ntp / ntp | 4.0.90 | 4.0.90.x |
| ntp / ntp | 4.0.96 | 4.0.96.x |
| ntp / ntp | 4.0.93 | 4.0.93.x |
| ntp / ntp | 4.1.0 | 4.1.0.x |
| ntp / ntp | 4.1.2 | 4.1.2.x |
| ntp / ntp | 4.2.5 | 4.2.5.x |
| ntp / ntp | 4.0.99 | 4.0.99.x |
| ntp / ntp | 4.0.95 | 4.0.95.x |
| ntp / ntp | 4.2.2p3 | 4.2.2p3.x |
| ntp / ntp | 4.2.2p2 | 4.2.2p2.x |
| ntp / ntp | 4.0.92 | 4.0.92.x |
| ntp / ntp | 4.0.73 | 4.0.73.x |
| ntp / ntp | 4.0.97 | 4.0.97.x |
| ntp / ntp | 4.0.91 | 4.0.91.x |
| ntp / ntp | 4.2.2p1 | 4.2.2p1.x |
| ntp / ntp | 4.0.94 | 4.0.94.x |