ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the “received” timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704.

CPENameOperatorVersion
ubuntu_linuxeq16.04
ubuntu_linuxeq14.04
ubuntu_linuxeq17.10
ubuntu_linuxeq18.04
ntpeq4.2.8 p5
ntpeq4.2.8 p9
ntpeq4.2.8 p4
ntpeq4.2.8 p7
ntpeq4.2.8 p8
ntpeq4.2.8 p6

Name	Operator	Version
ubuntu_linux	eq	16.04
ubuntu_linux	eq	14.04
ubuntu_linux	eq	17.10
ubuntu_linux	eq	18.04
ntp	eq	4.2.8 p5
ntp	eq	4.2.8 p9
ntp	eq	4.2.8 p4
ntp	eq	4.2.8 p7
ntp	eq	4.2.8 p8
ntp	eq	4.2.8 p6

Rows per page:

1-10 of 181

References

packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html

support.ntp.org/bin/view/Main/NtpBug3453

www.securityfocus.com/archive/1/541824/100/0/threaded

www.securityfocus.com/bid/103192

security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc

security.gentoo.org/glsa/201805-12

security.netapp.com/advisory/ntap-20180626-0001/

support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us

usn.ubuntu.com/3707-1/

www.synology.com/support/security/Synology_SA_18_13

debiancve 2

cvelist 2

ubuntucve 4

cve 2

nvd 2

f5 3

redhatcve 1

checkpoint_advisories 1

prion 1

nessus 58

openvas 47

redhat 2

veracode 1

centos 1

oraclelinux 3

ibm 18

amazon 3

ics 1

cloudfoundry 1

ubuntu 2

slackware 3

gentoo 2

symantec 2

mageia 2

fedora 6

archlinux 2

freebsd_advisory 2

freebsd 3

aix 1

arista 2

cisco 2

suse 7

fortinet 1

securityvulns 2

osv 2

debian 2

photon 2

cert 1

debiancve

CVE-2018-7184

2018-03-06 20:29:01

CVE-2015-7704

2017-08-07 20:29:00

cvelist

CVE-2018-7184

2018-03-06 20:00:00

CVE-2015-7704

2017-08-07 20:00:00

ubuntucve

CVE-2018-7184

2018-03-06 00:00:00

CVE-2015-7704

2015-10-22 00:00:00

CVE-2015-8138

2015-12-31 00:00:00

cve

CVE-2018-7184

2018-03-06 20:29:01

CVE-2015-7704

2017-08-07 20:29:00

nvd

CVE-2018-7184

2018-03-06 20:29:01

CVE-2015-7704

2017-08-07 20:29:00

K13540723 : NTP vulnerability CVE-2018-7184

2018-03-26 00:00:00

SOL17566 - NTP vulnerability CVE-2015-7704

2015-11-05 00:00:00

K17566 : NTP vulnerability CVE-2015-7704

2015-11-10 00:00:00

redhatcve

CVE-2018-7184

2018-02-28 19:49:03

checkpoint_advisories

NTP Kiss-o-Death Packet Denial of Service - Ver2 (CVE-2015-7704)

2018-06-25 00:00:00

prion

Code injection

2017-08-07 20:29:00

nessus

EulerOS 2.0 SP2 : ntp (EulerOS-SA-2020-2374)

2020-11-03 00:00:00

EulerOS Virtualization for ARM 64 3.0.2.0 : ntp (EulerOS-SA-2020-1210)

2020-03-13 00:00:00

EulerOS 2.0 SP5 : ntp (EulerOS-SA-2019-2215)

2019-11-08 00:00:00

openvas

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2020-2374)

2020-11-04 00:00:00

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-2215)

2020-01-23 00:00:00

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2020-1210)

2020-03-13 00:00:00

redhat

(RHSA-2015:2520) Important: ntp security update

2015-11-26 00:00:00

(RHSA-2015:1930) Important: ntp security update

2015-10-26 00:00:00

veracode

Denial Of Service (DoS)

2019-01-15 09:08:52

centos

ntp, ntpdate, sntp security update

2015-10-26 15:51:06

oraclelinux

ntp security update

2015-10-26 00:00:00

ntp security, bug fix, and enhancement update

2015-11-23 00:00:00

ntp security and bug fix update

2016-05-12 00:00:00

ibm

Security Bulletin: IBM Security Access Manager for Mobile is affected by NTP vulnerabilities (CVE-2015-5300, CVE-2015-7704, CVE-2015-8138)

2018-06-16 21:42:33

Security Bulletin: Vulnerabilities in Network Time Protocol (NTP) affect IBM Security Identity Governance Appliance (CVE-2015-5300 CVE-2015-7704 CVE-2015-8138 )

2018-06-16 21:41:35

Security Bulletin: Vulnerabilities in ntp affect Power Hardware Management Console (CVE-2015-5300, CVE-2015-7704, CVE-2015-8138)

2021-09-23 01:31:39

amazon

Medium: ntp

2018-05-10 17:01:00

Medium: ntp

2018-05-10 17:11:00

Important: ntp

2015-10-27 16:42:00

ics

Siemens RUGGEDCOM ROX-based Devices NTP Vulnerabilities

2018-08-27 12:00:00

cloudfoundry

USN-3707-1: NTP vulnerabilities | Cloud Foundry

2018-07-19 00:00:00

ubuntu

NTP vulnerabilities

2018-07-09 00:00:00

NTP vulnerabilities

2015-10-27 00:00:00

slackware

[slackware-security] ntp

2018-03-01 23:49:07

[slackware-security] ntp

2016-04-29 21:57:25

[slackware-security] ntp

2015-10-29 22:49:05

gentoo

NTP: Multiple vulnerabilities

2018-05-26 00:00:00

NTP: Multiple vulnerabilities

2016-07-20 00:00:00

symantec

SA165: NTP Vulnerabilities February 2018

2018-04-26 08:00:00

SA103 : October 2015 NTP Security Vulnerabilities

2015-11-24 08:00:00

mageia

Updated ntp packages fix security vulnerabilities

2018-04-07 01:54:47

Updated ntp packages fixes security vulnerabilities

2015-10-26 00:50:36

fedora

[SECURITY] Fedora 26 Update: ntp-4.2.8p11-1.fc26

2018-03-27 19:30:28

[SECURITY] Fedora 27 Update: ntp-4.2.8p11-1.fc27

2018-03-27 20:16:30

[SECURITY] Fedora 27 Update: ntp-4.2.8p12-1.fc27

2018-09-26 20:17:54

archlinux

[ASA-201803-11] ntp: multiple issues

2018-03-16 00:00:00

ntp: multiple issues

2015-10-22 00:00:00

freebsd_advisory

FreeBSD-SA-18:02.ntp

2018-03-07 00:00:00

FreeBSD-SA-15:25.ntp

2015-10-26 00:00:00

freebsd

ntp -- multiple vulnerabilities

2018-02-27 00:00:00

ntp -- multiple vulnerabilities

2016-04-26 00:00:00

ntp -- 13 low- and medium-severity vulnerabilities

2015-10-21 00:00:00

aix

Vulnerabilities in NTP affect AIX,Vulnerabilities in NTP affect VIOS

2018-08-14 14:48:57

arista

Security Advisory 0019

2018-04-25 00:00:00

Security Advisory 0016

2015-11-04 00:00:00

cisco

Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016

2016-04-28 09:00:00

Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015

2015-10-21 23:00:00

suse

Security update for ntp (important)

2016-05-11 18:08:42

Security update for ntp (important)

2016-06-01 18:08:21

Security update for ntp (important)

2016-05-12 20:09:15

fortinet

ntp-4.2.8p7 Security Vulnerability Announcement April 2016

2017-04-03 00:00:00

securityvulns

ntp multiple security vulnerabilities

2015-11-01 00:00:00

[USN-2783-1] NTP vulnerabilities

2015-11-01 00:00:00

osv

ntp - security update

2015-11-01 00:00:00

ntp - security update

2015-10-28 00:00:00

debian

[SECURITY] [DLA 335-1] ntp security update

2015-10-28 20:45:05

[SECURITY] [DSA 3388-1] ntp security update

2015-11-01 22:20:55

photon

Critical Photon OS Security Update - PHSA-2018-0167

2018-07-27 00:00:00

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0167

2018-07-27 00:00:00

cert

NTP.org ntpd contains multiple vulnerabilities

2016-04-27 00:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

7 High

AI Score

Confidence

Low

0.86 High

EPSS

Percentile

98.6%

JSON

Related for PRION:CVE-2018-7184