Lucene search

[email protected]CVE-2018-7184

HistoryMar 06, 2018 - 8:29 p.m.

CVE-2018-7184

2018-03-0620:29:00

NVD-CWE-noinfo

[email protected]

web.nvd.nist.gov

125

cve-2018-7184

ntpd

ntp 4.2.8p4

denial of service

nvd

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

7.3 High

AI Score

Confidence

Low

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.036 Low

EPSS

Percentile

91.5%

JSON

ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the “received” timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704.

CPENameOperatorVersion
ntp:ntpntpeq4.2.8
synology:skynassynology skynaseq-
synology:virtual_diskstation_managersynology virtual diskstation managereq-
synology:router_managersynology router managereq1.1
synology:diskstation_managersynology diskstation managereq6.0
synology:diskstation_managersynology diskstation managereq5.2
synology:diskstation_managersynology diskstation managereq6.1
synology:vs960hd_firmwaresynology vs960hd firmwareeq-
slackware:slackware_linuxslackware slackware linuxeq14.1
slackware:slackware_linuxslackware slackware linuxeq14.0

CPE	Name	Operator	Version
ntp:ntp	ntp	eq	4.2.8
synology:skynas	synology skynas	eq	-
synology:virtual_diskstation_manager	synology virtual diskstation manager	eq	-
synology:router_manager	synology router manager	eq	1.1
synology:diskstation_manager	synology diskstation manager	eq	6.0
synology:diskstation_manager	synology diskstation manager	eq	5.2
synology:diskstation_manager	synology diskstation manager	eq	6.1
synology:vs960hd_firmware	synology vs960hd firmware	eq	-
slackware:slackware_linux	slackware slackware linux	eq	14.1
slackware:slackware_linux	slackware slackware linux	eq	14.0