The following vulnerabilities have been found by Cisco in ntpd, the most widely deployed NTP server implementation.
These versione have been found vulnerable:
4.2.5p186 though 4.2.8p3 and 4.3.70 ( development version)
CVE-2015-7871 – Authentication Bypass Vulnerability
An error handling logic error exists within ntpd that manifests due to improper error condition handling associated with certain crypto-NAK packets
It is then possible to bypass the authentication typically required to establish a peer association and allows an attacker to make arbitrary changes to system time.
Several Memory Corruptions
CVE-2015-7849 – Network Time Protocol Trusted Keys Memory Corruption Vulnerability
CVE-2015-7852 – Network Time Protocol ntpq atoascii Memory Corruption Vulnerability
CVE-2015-7853 – Network Time Protocol Reference Clock Memory Corruption Vulnerability
CVE-2015-7854 – Network Time Protocol Password Length Memory Corruption Vulnerability
Denial of Service vulnerabilities
CVE-2015-7848 – Network Time Protocol Multiple Integer Overflow Read Access Violations
CVE-2015-7850 – Network Time Protocol Remote Configuration Denial of Service Vulnerability
Directory Traversal / File Overwrite
CVE-2015-7851 – Network Time Protocol saveconfig Directory Traversal Vulnerability