Dave Mills Ntpd vulnerabilities
4 known vulnerabilities affecting dave_mills/ntpd.
Total CVEs: 4
CISA KEV: 0
Public exploits: 1
Exploited in wild: 0
Severity breakdown: CRITICAL 1, HIGH 2, MEDIUM 1
Vulnerabilities
CVE-2024-38528 | HIGH | ≥ 0.3.1, < 1.1.3 | 2024-06-28
CVE-2024-38528 [HIGH] CWE-770 Unlimited number of NTS-KE connections can crash ntpd-rs server
### Summary
Missing limit for accepted NTS-KE connections allows an unauthenticated remote attacker to crash ntpd-rs when an NTS-KE server is configured. Non NTS-KE server configurations, such as the default ntpd-rs configuration, are unaffected.
### Details
Operating systems have a limit for the number of open file descriptors (which inc
ghsa, osv
CVE-2023-33192 | HIGH | ≥ 0.3.0, < 0.3.3 | 2023-05-25
CVE-2023-33192 [HIGH] CWE-130 Improper handling of NTS cookie length that could crash the ntpd-rs server
### Impact
ntpd-rs does not validate the length of NTS cookies in received NTP packets to the server. An attacker can crash the server by sending a specially crafted NTP packet containing a cookie shorter than what the server expects. The server also crashes when it is not configured to handle NTS packets.
ntpd-rs ru
ghsa, osv
CVE-2005-2496 | MEDIUM | CVSS 4.6 | ≤ 4.2.0.a.2004-06-17_4.fc3 | 2005-09-02
CVE-2005-2496 [MEDIUM]
The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
nvd
CVE-2001-0414 | CRITICAL | CVSS 10.0 | PoC | ≤ 4.0.99k, v4.0.99, +10 more | 2001-06-18
CVE-2001-0414 [CRITICAL]
Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
nvd