Logo
-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security
Vulnerability Details
Registries
Custom Views
Weaknesses
Attack Patterns
Filters & Tools
Vulnerability Details :

CVE-2015-7979

Summary
Assigner-mitre
Assigner Org ID-8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At-30 Jan, 2017 | 21:00
Updated At-06 Aug, 2024 | 08:06
Rejected At-
Credits

NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.

Vendors
-
Not available
Products
-
Metrics (CVSS)
VersionBase scoreBase severityVector
Weaknesses
Attack Patterns
Solution/Workaround
References
HyperlinkResource Type
EPSS History
Score
Latest Score
-
N/A
No data available for selected date range
Percentile
Latest Percentile
-
N/A
No data available for selected date range
Stakeholder-Specific Vulnerability Categorization (SSVC)
▼Common Vulnerabilities and Exposures (CVE)
cve.org
Assigner:mitre
Assigner Org ID:8254265b-2729-46b6-b9e3-3dfca2d5bfca
Published At:30 Jan, 2017 | 21:00
Updated At:06 Aug, 2024 | 08:06
Rejected At:
▼CVE Numbering Authority (CNA)

NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.

Affected Products
Vendor
n/a
Product
n/a
Versions
Affected
  • n/a
Problem Types
TypeCWE IDDescription
textN/An/a
Type: text
CWE ID: N/A
Description: n/a
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd
vendor-advisory
x_refsource_CISCO
http://www.ubuntu.com/usn/USN-3096-1
vendor-advisory
x_refsource_UBUNTU
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html
vendor-advisory
x_refsource_SUSE
http://www.debian.org/security/2016/dsa-3629
vendor-advisory
x_refsource_DEBIAN
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us
x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
x_refsource_CONFIRM
https://access.redhat.com/errata/RHSA-2016:1141
vendor-advisory
x_refsource_REDHAT
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
vendor-advisory
x_refsource_SUSE
http://www.securitytracker.com/id/1034782
vdb-entry
x_refsource_SECTRACK
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html
vendor-advisory
x_refsource_SUSE
https://www.kb.cert.org/vuls/id/718152
third-party-advisory
x_refsource_CERT-VN
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html
vendor-advisory
x_refsource_SUSE
http://rhn.redhat.com/errata/RHSA-2016-1552.html
vendor-advisory
x_refsource_REDHAT
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us
x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html
vendor-advisory
x_refsource_FEDORA
http://rhn.redhat.com/errata/RHSA-2016-2583.html
vendor-advisory
x_refsource_REDHAT
https://security.netapp.com/advisory/ntap-20171031-0001/
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html
vendor-advisory
x_refsource_SUSE
http://www.securityfocus.com/bid/81816
vdb-entry
x_refsource_BID
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
x_refsource_CONFIRM
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html
vendor-advisory
x_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
vendor-advisory
x_refsource_SUSE
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html
vendor-advisory
x_refsource_SUSE
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
vendor-advisory
x_refsource_FREEBSD
https://bto.bluecoat.com/security-advisory/sa113
x_refsource_CONFIRM
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
vendor-advisory
x_refsource_SUSE
https://security.gentoo.org/glsa/201607-15
vendor-advisory
x_refsource_GENTOO
https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
x_refsource_CONFIRM
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
x_refsource_MISC
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd
Resource:
vendor-advisory
x_refsource_CISCO
Hyperlink: http://www.ubuntu.com/usn/USN-3096-1
Resource:
vendor-advisory
x_refsource_UBUNTU
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.debian.org/security/2016/dsa-3629
Resource:
vendor-advisory
x_refsource_DEBIAN
Hyperlink: https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us
Resource:
x_refsource_CONFIRM
Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Resource:
x_refsource_CONFIRM
Hyperlink: https://access.redhat.com/errata/RHSA-2016:1141
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.securitytracker.com/id/1034782
Resource:
vdb-entry
x_refsource_SECTRACK
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: https://www.kb.cert.org/vuls/id/718152
Resource:
third-party-advisory
x_refsource_CERT-VN
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-1552.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-2583.html
Resource:
vendor-advisory
x_refsource_REDHAT
Hyperlink: https://security.netapp.com/advisory/ntap-20171031-0001/
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://www.securityfocus.com/bid/81816
Resource:
vdb-entry
x_refsource_BID
Hyperlink: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html
Resource:
vendor-advisory
x_refsource_FEDORA
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
Resource:
vendor-advisory
x_refsource_FREEBSD
Hyperlink: https://bto.bluecoat.com/security-advisory/sa113
Resource:
x_refsource_CONFIRM
Hyperlink: http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
Resource:
vendor-advisory
x_refsource_SUSE
Hyperlink: https://security.gentoo.org/glsa/201607-15
Resource:
vendor-advisory
x_refsource_GENTOO
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
Resource:
x_refsource_CONFIRM
Hyperlink: https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
Resource:
x_refsource_MISC
▼Authorized Data Publishers (ADP)
CVE Program Container
Affected Products
Metrics
VersionBase scoreBase severityVector
Metrics Other Info
Impacts
CAPEC IDDescription
Solutions
Configurations
Workarounds
Exploits
Credits
Timeline
EventDate
Replaced By
Rejected Reason
References
HyperlinkResource
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd
vendor-advisory
x_refsource_CISCO
x_transferred
http://www.ubuntu.com/usn/USN-3096-1
vendor-advisory
x_refsource_UBUNTU
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.debian.org/security/2016/dsa-3629
vendor-advisory
x_refsource_DEBIAN
x_transferred
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us
x_refsource_CONFIRM
x_transferred
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
x_refsource_CONFIRM
x_transferred
https://access.redhat.com/errata/RHSA-2016:1141
vendor-advisory
x_refsource_REDHAT
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.securitytracker.com/id/1034782
vdb-entry
x_refsource_SECTRACK
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html
vendor-advisory
x_refsource_SUSE
x_transferred
https://www.kb.cert.org/vuls/id/718152
third-party-advisory
x_refsource_CERT-VN
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://rhn.redhat.com/errata/RHSA-2016-1552.html
vendor-advisory
x_refsource_REDHAT
x_transferred
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us
x_refsource_CONFIRM
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://rhn.redhat.com/errata/RHSA-2016-2583.html
vendor-advisory
x_refsource_REDHAT
x_transferred
https://security.netapp.com/advisory/ntap-20171031-0001/
x_refsource_CONFIRM
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://www.securityfocus.com/bid/81816
vdb-entry
x_refsource_BID
x_transferred
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
x_refsource_CONFIRM
x_transferred
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html
vendor-advisory
x_refsource_FEDORA
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
vendor-advisory
x_refsource_SUSE
x_transferred
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html
vendor-advisory
x_refsource_SUSE
x_transferred
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
vendor-advisory
x_refsource_FREEBSD
x_transferred
https://bto.bluecoat.com/security-advisory/sa113
x_refsource_CONFIRM
x_transferred
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
vendor-advisory
x_refsource_SUSE
x_transferred
https://security.gentoo.org/glsa/201607-15
vendor-advisory
x_refsource_GENTOO
x_transferred
https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
x_refsource_CONFIRM
x_transferred
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
x_refsource_MISC
x_transferred
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd
Resource:
vendor-advisory
x_refsource_CISCO
x_transferred
Hyperlink: http://www.ubuntu.com/usn/USN-3096-1
Resource:
vendor-advisory
x_refsource_UBUNTU
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.debian.org/security/2016/dsa-3629
Resource:
vendor-advisory
x_refsource_DEBIAN
x_transferred
Hyperlink: https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://access.redhat.com/errata/RHSA-2016:1141
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.securitytracker.com/id/1034782
Resource:
vdb-entry
x_refsource_SECTRACK
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: https://www.kb.cert.org/vuls/id/718152
Resource:
third-party-advisory
x_refsource_CERT-VN
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-1552.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-2583.html
Resource:
vendor-advisory
x_refsource_REDHAT
x_transferred
Hyperlink: https://security.netapp.com/advisory/ntap-20171031-0001/
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://www.securityfocus.com/bid/81816
Resource:
vdb-entry
x_refsource_BID
x_transferred
Hyperlink: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html
Resource:
vendor-advisory
x_refsource_FEDORA
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
Resource:
vendor-advisory
x_refsource_FREEBSD
x_transferred
Hyperlink: https://bto.bluecoat.com/security-advisory/sa113
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
Resource:
vendor-advisory
x_refsource_SUSE
x_transferred
Hyperlink: https://security.gentoo.org/glsa/201607-15
Resource:
vendor-advisory
x_refsource_GENTOO
x_transferred
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
Resource:
x_refsource_CONFIRM
x_transferred
Hyperlink: https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
Resource:
x_refsource_MISC
x_transferred
Information is not available yet
▼National Vulnerability Database (NVD)
nvd.nist.gov
Source:cve@mitre.org
Published At:30 Jan, 2017 | 21:59
Updated At:20 Apr, 2025 | 01:37

NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.

CISA Catalog
Date AddedDue DateVulnerability NameRequired Action
N/A
Date Added: N/A
Due Date: N/A
Vulnerability Name: N/A
Required Action: N/A
Metrics
TypeVersionBase scoreBase severityVector
Primary3.07.5HIGH
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Primary2.05.0MEDIUM
AV:N/AC:L/Au:N/C:N/I:N/A:P
Type: Primary
Version: 3.0
Base score: 7.5
Base severity: HIGH
Vector:
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
Type: Primary
Version: 2.0
Base score: 5.0
Base severity: MEDIUM
Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P
CPE Matches
ntp
ntp
>>ntp>>Versions up to 4.2.8(inclusive)
cpe:2.3:a:ntp:ntp:*:p5:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.0
cpe:2.3:a:ntp:ntp:4.3.0:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.1
cpe:2.3:a:ntp:ntp:4.3.1:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.2
cpe:2.3:a:ntp:ntp:4.3.2:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.3
cpe:2.3:a:ntp:ntp:4.3.3:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.4
cpe:2.3:a:ntp:ntp:4.3.4:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.5
cpe:2.3:a:ntp:ntp:4.3.5:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.6
cpe:2.3:a:ntp:ntp:4.3.6:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.7
cpe:2.3:a:ntp:ntp:4.3.7:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.8
cpe:2.3:a:ntp:ntp:4.3.8:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.10
cpe:2.3:a:ntp:ntp:4.3.10:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.11
cpe:2.3:a:ntp:ntp:4.3.11:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.12
cpe:2.3:a:ntp:ntp:4.3.12:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.13
cpe:2.3:a:ntp:ntp:4.3.13:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.14
cpe:2.3:a:ntp:ntp:4.3.14:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.15
cpe:2.3:a:ntp:ntp:4.3.15:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.16
cpe:2.3:a:ntp:ntp:4.3.16:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.17
cpe:2.3:a:ntp:ntp:4.3.17:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.18
cpe:2.3:a:ntp:ntp:4.3.18:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.19
cpe:2.3:a:ntp:ntp:4.3.19:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.20
cpe:2.3:a:ntp:ntp:4.3.20:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.21
cpe:2.3:a:ntp:ntp:4.3.21:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.22
cpe:2.3:a:ntp:ntp:4.3.22:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.23
cpe:2.3:a:ntp:ntp:4.3.23:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.24
cpe:2.3:a:ntp:ntp:4.3.24:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.25
cpe:2.3:a:ntp:ntp:4.3.25:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.26
cpe:2.3:a:ntp:ntp:4.3.26:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.27
cpe:2.3:a:ntp:ntp:4.3.27:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.28
cpe:2.3:a:ntp:ntp:4.3.28:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.29
cpe:2.3:a:ntp:ntp:4.3.29:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.30
cpe:2.3:a:ntp:ntp:4.3.30:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.31
cpe:2.3:a:ntp:ntp:4.3.31:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.32
cpe:2.3:a:ntp:ntp:4.3.32:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.33
cpe:2.3:a:ntp:ntp:4.3.33:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.34
cpe:2.3:a:ntp:ntp:4.3.34:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.35
cpe:2.3:a:ntp:ntp:4.3.35:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.36
cpe:2.3:a:ntp:ntp:4.3.36:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.37
cpe:2.3:a:ntp:ntp:4.3.37:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.38
cpe:2.3:a:ntp:ntp:4.3.38:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.39
cpe:2.3:a:ntp:ntp:4.3.39:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.40
cpe:2.3:a:ntp:ntp:4.3.40:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.41
cpe:2.3:a:ntp:ntp:4.3.41:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.42
cpe:2.3:a:ntp:ntp:4.3.42:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.43
cpe:2.3:a:ntp:ntp:4.3.43:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.44
cpe:2.3:a:ntp:ntp:4.3.44:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.45
cpe:2.3:a:ntp:ntp:4.3.45:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.46
cpe:2.3:a:ntp:ntp:4.3.46:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.47
cpe:2.3:a:ntp:ntp:4.3.47:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.48
cpe:2.3:a:ntp:ntp:4.3.48:*:*:*:*:*:*:*
ntp
ntp
>>ntp>>4.3.49
cpe:2.3:a:ntp:ntp:4.3.49:*:*:*:*:*:*:*
Weaknesses
CWE IDTypeSource
CWE-19Primarynvd@nist.gov
CWE ID: CWE-19
Type: Primary
Source: nvd@nist.gov
Evaluator Description
Evaluator Impact

Evaluator Solution

Vendor Statements
References
HyperlinkSourceResource
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.htmlcve@mitre.org
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.htmlcve@mitre.org
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.htmlcve@mitre.org
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.htmlcve@mitre.org
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.htmlcve@mitre.org
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.htmlcve@mitre.org
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.htmlcve@mitre.org
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.htmlcve@mitre.org
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.htmlcve@mitre.org
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.htmlcve@mitre.org
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1552.htmlcve@mitre.org
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2583.htmlcve@mitre.org
N/A
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Securitycve@mitre.org
Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpdcve@mitre.org
Third Party Advisory
http://www.debian.org/security/2016/dsa-3629cve@mitre.org
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlcve@mitre.org
N/A
http://www.securityfocus.com/bid/81816cve@mitre.org
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1034782cve@mitre.org
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-3096-1cve@mitre.org
Third Party Advisory
https://access.redhat.com/errata/RHSA-2016:1141cve@mitre.org
Third Party Advisory
https://bto.bluecoat.com/security-advisory/sa113cve@mitre.org
Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdfcve@mitre.org
N/A
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_uscve@mitre.org
N/A
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_uscve@mitre.org
N/A
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asccve@mitre.org
N/A
https://security.gentoo.org/glsa/201607-15cve@mitre.org
Third Party Advisory
https://security.netapp.com/advisory/ntap-20171031-0001/cve@mitre.org
N/A
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11cve@mitre.org
N/A
https://www.kb.cert.org/vuls/id/718152cve@mitre.org
Third Party Advisory
US Government Resource
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1552.htmlaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2583.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Securityaf854a3a-2127-422b-91ae-364da2661108
Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpdaf854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.debian.org/security/2016/dsa-3629af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlaf854a3a-2127-422b-91ae-364da2661108
N/A
http://www.securityfocus.com/bid/81816af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.securitytracker.com/id/1034782af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
VDB Entry
http://www.ubuntu.com/usn/USN-3096-1af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://access.redhat.com/errata/RHSA-2016:1141af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://bto.bluecoat.com/security-advisory/sa113af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdfaf854a3a-2127-422b-91ae-364da2661108
N/A
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_usaf854a3a-2127-422b-91ae-364da2661108
N/A
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_usaf854a3a-2127-422b-91ae-364da2661108
N/A
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.ascaf854a3a-2127-422b-91ae-364da2661108
N/A
https://security.gentoo.org/glsa/201607-15af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
https://security.netapp.com/advisory/ntap-20171031-0001/af854a3a-2127-422b-91ae-364da2661108
N/A
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11af854a3a-2127-422b-91ae-364da2661108
N/A
https://www.kb.cert.org/vuls/id/718152af854a3a-2127-422b-91ae-364da2661108
Third Party Advisory
US Government Resource
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-1552.html
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-2583.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
Source: cve@mitre.org
Resource:
Vendor Advisory
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.debian.org/security/2016/dsa-3629
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Source: cve@mitre.org
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/81816
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id/1034782
Source: cve@mitre.org
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.ubuntu.com/usn/USN-3096-1
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2016:1141
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://bto.bluecoat.com/security-advisory/sa113
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://security.gentoo.org/glsa/201607-15
Source: cve@mitre.org
Resource:
Third Party Advisory
Hyperlink: https://security.netapp.com/advisory/ntap-20171031-0001/
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
Source: cve@mitre.org
Resource: N/A
Hyperlink: https://www.kb.cert.org/vuls/id/718152
Source: cve@mitre.org
Resource:
Third Party Advisory
US Government Resource
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-1552.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://rhn.redhat.com/errata/RHSA-2016-2583.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Vendor Advisory
Hyperlink: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.debian.org/security/2016/dsa-3629
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: http://www.securityfocus.com/bid/81816
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.securitytracker.com/id/1034782
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
VDB Entry
Hyperlink: http://www.ubuntu.com/usn/USN-3096-1
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://access.redhat.com/errata/RHSA-2016:1141
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://bto.bluecoat.com/security-advisory/sa113
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://security.gentoo.org/glsa/201607-15
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
Hyperlink: https://security.netapp.com/advisory/ntap-20171031-0001/
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
Source: af854a3a-2127-422b-91ae-364da2661108
Resource: N/A
Hyperlink: https://www.kb.cert.org/vuls/id/718152
Source: af854a3a-2127-422b-91ae-364da2661108
Resource:
Third Party Advisory
US Government Resource

Change History

0
Information is not available yet

Similar CVEs

26Records found
CVE-2016-9312
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-5.70% / 90.05%
||
7 Day CHG~0.00%
Published-13 Jan, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in NTP before 4.2.8p9, when running on Windows, allows remote attackers to cause a denial of service via a large UDP packet.

Action-Not Available
Vendor-ntpn/aMicrosoft Corporation
Product-ntpwindowsn/a
CVE-2015-7691
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-6.22% / 90.50%
||
7 Day CHG~0.00%
Published-07 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxRed Hat, Inc.Oracle CorporationNetApp, Inc.
Product-oncommand_unified_managerlinuxoncommand_performance_managerenterprise_linux_desktopenterprise_linux_server_ausenterprise_linux_server_tusenterprise_linux_workstationclustered_data_ontapenterprise_linux_server_eusdebian_linuxenterprise_linux_serverntpdata_ontapn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-4957
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-57.88% / 98.09%
||
7 Day CHG~0.00%
Published-05 Jul, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.

Action-Not Available
Vendor-ntpn/aopenSUSESUSENovellOracle Corporation
Product-solarisleapntpopensusemanager_proxyopenstack_cloudsuse_managerlinux_enterprise_desktoplinux_enterprise_servern/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2016-4953
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-12.64% / 93.71%
||
7 Day CHG-3.96%
Published-05 Jul, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.

Action-Not Available
Vendor-ntpn/aSiemens AGopenSUSESUSEOracle Corporation
Product-tim_4r-iesolarissimatic_net_cp_443-1_opc_ualeapntpopensusemanager_proxyopenstack_cloudtim_4r-ie_dnp3_firmwarelinux_enterprise_desktopsimatic_net_cp_443-1_opc_ua_firmwaremanagertim_4r-ie_dnp3tim_4r-ie_firmwarelinux_enterprise_servern/a
CWE ID-CWE-287
Improper Authentication
CVE-2016-4954
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-6.94% / 91.04%
||
7 Day CHG-1.06%
Published-05 Jul, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.

Action-Not Available
Vendor-ntpn/aSiemens AGopenSUSESUSEOracle Corporation
Product-tim_4r-iesolarissimatic_net_cp_443-1_opc_ualeapntpopensusemanager_proxyopenstack_cloudtim_4r-ie_dnp3_firmwarelinux_enterprise_desktopsimatic_net_cp_443-1_opc_ua_firmwaremanagertim_4r-ie_dnp3tim_4r-ie_firmwarelinux_enterprise_servern/a
CWE ID-CWE-362
Concurrent Execution using Shared Resource with Improper Synchronization ('Race Condition')
CVE-2016-4956
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-2.27% / 84.00%
||
7 Day CHG~0.00%
Published-05 Jul, 2016 | 01:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.

Action-Not Available
Vendor-ntpn/aSiemens AGopenSUSESUSENovellOracle Corporation
Product-solarissimatic_net_cp_443-1_opc_ualeapntpopensusemanager_proxyopenstack_cloudsuse_managerlinux_enterprise_desktopsimatic_net_cp_443-1_opc_ua_firmwarelinux_enterprise_servern/a
CVE-2016-2518
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-1.47% / 80.10%
||
7 Day CHG~0.00%
Published-30 Jan, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxRed Hat, Inc.Oracle CorporationNetApp, Inc.FreeBSD FoundationSiemens AG
Product-enterprise_linux_desktoplinuxoncommand_balanceenterprise_linux_server_tusenterprise_linux_workstationclustered_data_ontapenterprise_linux_server_eusdebian_linuxenterprise_linux_servercommunications_user_data_repositoryntpenterprise_linux_server_ausdata_ontaponcommand_unified_manager_for_clustered_data_ontaponcommand_performance_managerfreebsdsimatic_net_cp_443-1_opc_uasimatic_net_cp_443-1_opc_ua_firmwaren/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2016-1547
Matching Score-8
Assigner-CERT/CC
ShareView Details
Matching Score-8
Assigner-CERT/CC
CVSS Score-5.3||MEDIUM
EPSS-1.88% / 82.42%
||
7 Day CHG~0.00%
Published-06 Jan, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled.

Action-Not Available
Vendor-ntpNTPsec ProjectNTP Project
Product-ntpNTPNTPSec
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7978
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-28.33% / 96.33%
||
7 Day CHG~0.00%
Published-30 Jan, 2017 | 21:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers to cause a denial of service (stack exhaustion) via an ntpdc relist command, which triggers recursive traversal of the restriction list.

Action-Not Available
Vendor-ntpn/a
Product-ntpn/a
CWE ID-CWE-400
Uncontrolled Resource Consumption
CVE-2015-7692
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-6.32% / 90.58%
||
7 Day CHG~0.00%
Published-07 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxRed Hat, Inc.Oracle CorporationNetApp, Inc.
Product-oncommand_unified_managerlinuxoncommand_performance_managerenterprise_linux_desktopenterprise_linux_server_ausenterprise_linux_server_tusenterprise_linux_workstationclustered_data_ontapenterprise_linux_server_eusdebian_linuxenterprise_linux_serverntpdata_ontapn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7704
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-53.09% / 97.87%
||
7 Day CHG~0.00%
Published-07 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxRed Hat, Inc.Citrix (Cloud Software Group, Inc.)McAfee, LLCNetApp, Inc.
Product-oncommand_unified_manageroncommand_performance_managerenterprise_linux_desktopenterprise_linux_server_ausenterprise_linux_server_tusenterprise_linux_workstationclustered_data_ontapxenserverenterprise_linux_server_eusdebian_linuxenterprise_linux_serverenterprise_security_managerntpdata_ontapn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-7701
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-7.80% / 91.59%
||
7 Day CHG~0.00%
Published-07 Aug, 2017 | 20:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxRed Hat, Inc.Oracle CorporationNetApp, Inc.
Product-oncommand_unified_managerlinuxoncommand_performance_managerenterprise_linux_desktopenterprise_linux_server_ausenterprise_linux_server_tusenterprise_linux_workstationclustered_data_ontapenterprise_linux_server_eusdebian_linuxenterprise_linux_serverntpdata_ontapn/a
CWE ID-CWE-772
Missing Release of Resource after Effective Lifetime
CVE-2015-7848
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.85% / 73.96%
||
7 Day CHG~0.00%
Published-06 Jan, 2017 | 21:00
Updated-23 May, 2025 | 02:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP daemon, it leads to an immediate crash.

Action-Not Available
Vendor-ntpn/aNetApp, Inc.
Product-ntpdata_ontap_operating_in_7-modeclustered_data_ontaponcommand_performance_manageroncommand_balanceoncommand_unified_managern/a
CWE ID-CWE-190
Integer Overflow or Wraparound
CVE-2015-5219
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-3.64% / 87.38%
||
7 Day CHG~0.00%
Published-21 Jul, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxCanonical Ltd.SUSERed Hat, Inc.Oracle CorporationFedora ProjectopenSUSENovellSiemens AG
Product-enterprise_linux_desktoplinuxenterprise_linux_workstationfedoralinux_enterprise_serverleapenterprise_linux_serverdebian_linuxlinux_enterprise_debuginfotim_4r-ientptim_4r-id_dnp3tim_4r-id_dnp3_firmwareopenstack_cloudmanager_proxyenterprise_linux_hpc_nodetim_4r-ie_firmwareubuntu_linuxmanagern/a
CWE ID-CWE-704
Incorrect Type Conversion or Cast
CVE-2015-5195
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-10.40% / 92.91%
||
7 Day CHG~0.00%
Published-21 Jul, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxCanonical Ltd.Red Hat, Inc.Fedora Project
Product-enterprise_linux_desktopenterprise_linux_workstationfedoraenterprise_linux_serverdebian_linuxenterprise_linux_hpc_nodeubuntu_linuxntpn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-5194
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-11.83% / 93.46%
||
7 Day CHG~0.00%
Published-21 Jul, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxCanonical Ltd.SUSERed Hat, Inc.Fedora Project
Product-enterprise_linux_desktopenterprise_linux_workstationfedoralinux_enterprise_serveropenstack_cloudenterprise_linux_serverdebian_linuxmanager_proxylinux_enterprise_debuginfoenterprise_linux_hpc_nodeubuntu_linuxntpmanagern/a
CWE ID-CWE-20
Improper Input Validation
CVE-2015-5300
Matching Score-8
Assigner-Red Hat, Inc.
ShareView Details
Matching Score-8
Assigner-Red Hat, Inc.
CVSS Score-7.5||HIGH
EPSS-31.17% / 96.60%
||
7 Day CHG~0.00%
Published-21 Jul, 2017 | 14:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).

Action-Not Available
Vendor-ntpn/aDebian GNU/LinuxCanonical Ltd.SUSERed Hat, Inc.Fedora ProjectopenSUSE
Product-enterprise_linux_desktopmanagerlinux_enterprise_desktopenterprise_linux_workstationfedorasuse_linux_enterprise_serverlinux_enterprise_serverleapenterprise_linux_server_eusenterprise_linux_serverdebian_linuxlinux_enterprise_debuginfolinux_enterprise_software_development_kitntpenterprise_linux_hpc_node_eusopenstack_cloudmanager_proxyenterprise_linux_hpc_nodeubuntu_linuxopensusen/a
CVE-2014-9296
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-20.11% / 95.28%
||
7 Day CHG~0.00%
Published-20 Dec, 2014 | 02:00
Updated-12 Apr, 2025 | 10:46
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets.

Action-Not Available
Vendor-ntpn/a
Product-ntpn/a
CVE-2020-11868
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-0.60% / 68.41%
||
7 Day CHG~0.00%
Published-17 Apr, 2020 | 03:31
Updated-05 May, 2025 | 17:15
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.

Action-Not Available
Vendor-ntpn/aRed Hat, Inc.openSUSENetApp, Inc.Debian GNU/Linux
Product-all_flash_fabric-attached_storage_8700_firmwarefabric-attached_storage_8700_firmwaredebian_linuxleapfabric-attached_storage_a400virtual_storage_consoledata_ontapall_flash_fabric-attached_storage_a400_firmwarefabric-attached_storage_8300hci_storage_nodeall_flash_fabric-attached_storage_a400hci_storage_node_firmwarefabric-attached_storage_8300_firmwaresolidfirefabric-attached_storage_a400_firmwareall_flash_fabric-attached_storage_8300_firmwarefabric-attached_storage_8700ntpall_flash_fabric-attached_storage_8700clustered_data_ontapall_flash_fabric-attached_storage_8300vasa_provider_for_clustered_data_ontapenterprise_linuxhci_management_noden/a
CWE ID-CWE-346
Origin Validation Error
CVE-2018-7185
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-12.47% / 93.66%
||
7 Day CHG~0.00%
Published-06 Mar, 2018 | 20:00
Updated-14 Jan, 2025 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association.

Action-Not Available
Vendor-ntpn/aCanonical Ltd.Synology, Inc.Hewlett Packard Enterprise (HPE)NetApp, Inc.Oracle Corporation
Product-fujitsu_m12-2vs960hd_firmwarefujitsu_m12-2_firmwarefujitsu_m10-4fujitsu_m10-1_firmwarediskstation_managerfujitsu_m12-2subuntu_linuxntpfujitsu_m10-1fujitsu_m10-4_firmwarefujitsu_m10-4svs960hdhpux-ntpfujitsu_m12-1virtual_diskstation_managerfujitsu_m12-2s_firmwarefujitsu_m12-1_firmwarefujitsu_m10-4s_firmwaresolidfirerouter_managerskynashcin/a
CVE-2013-5211
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5||MEDIUM
EPSS-90.75% / 99.61%
||
7 Day CHG-1.01%
Published-02 Jan, 2014 | 11:00
Updated-11 Apr, 2025 | 00:51
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.

Action-Not Available
Vendor-ntpn/aOracle CorporationopenSUSE
Product-linuxopensusentpn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2016-7433
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-36.23% / 96.98%
||
7 Day CHG~0.00%
Published-13 Jan, 2017 | 16:00
Updated-20 Apr, 2025 | 01:37
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."

Action-Not Available
Vendor-ntpn/a
Product-ntpn/a
CWE ID-CWE-682
Incorrect Calculation
CVE-2019-8936
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-8.16% / 91.83%
||
7 Day CHG~0.00%
Published-15 May, 2019 | 15:37
Updated-04 Aug, 2024 | 21:31
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

NTP through 4.2.8p12 has a NULL Pointer Dereference.

Action-Not Available
Vendor-ntpn/aopenSUSENetApp, Inc.Fedora ProjectHewlett Packard Enterprise (HPE)
Product-clustered_data_ontapntpdata_ontapfedorahpux-ntpleapn/a
CWE ID-CWE-476
NULL Pointer Dereference
CVE-2018-8956
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-5.3||MEDIUM
EPSS-1.31% / 78.94%
||
7 Day CHG~0.00%
Published-06 May, 2020 | 18:03
Updated-05 Aug, 2024 | 07:10
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or control a slave in that broadcast network that can capture certain required packets on the attacker's behalf and send them to the attacker.

Action-Not Available
Vendor-ntpn/a
Product-ntpn/a
CWE ID-CWE-20
Improper Input Validation
CVE-2018-7182
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-8.14% / 91.82%
||
7 Day CHG~0.00%
Published-06 Mar, 2018 | 20:00
Updated-05 Aug, 2024 | 06:24
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10.

Action-Not Available
Vendor-ntpn/aNetApp, Inc.Canonical Ltd.
Product-ubuntu_linuxntpelement_softwaren/a
CWE ID-CWE-125
Out-of-bounds Read
CVE-2018-7184
Matching Score-8
Assigner-MITRE Corporation
ShareView Details
Matching Score-8
Assigner-MITRE Corporation
CVSS Score-7.5||HIGH
EPSS-6.02% / 90.35%
||
7 Day CHG~0.00%
Published-06 Mar, 2018 | 20:00
Updated-14 Jan, 2025 | 19:29
Rejected-Not Available
Known To Be Used In Ransomware Campaigns?-Not Available
KEV Added-Not Available
KEV Action Due Date-Not Available

ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704.

Action-Not Available
Vendor-ntpn/aCanonical Ltd.NetApp, Inc.Synology, Inc.Slackware
Product-vs960hd_firmwarevirtual_diskstation_managerslackware_linuxcloud_backupsteelstore_cloud_integrated_storagediskstation_managerubuntu_linuxrouter_managerskynasntpn/a
Details not found