The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted “KOD” messages.

OSVersionArchitecturePackageVersionFilename
Debian11allntp< 1:4.2.8p4+dfsg-3ntp_1:4.2.8p4+dfsg-3_all.deb
Debian10allntp< 1:4.2.8p4+dfsg-3ntp_1:4.2.8p4+dfsg-3_all.deb

OS	Version	Architecture	Package	Version	Filename
Debian	11	all	ntp	< 1:4.2.8p4+dfsg-3	ntp_1:4.2.8p4+dfsg-3_all.deb
Debian	10	all	ntp	< 1:4.2.8p4+dfsg-3	ntp_1:4.2.8p4+dfsg-3_all.deb

checkpoint_advisories 1

prion 2

f5 3

cve 2

nessus 42

ubuntucve 4

veracode 1

redhat 2

openvas 35

centos 1

debiancve 1

redhatcve 1

oraclelinux 3

ibm 14

ics 2

citrix 1

fedora 3

amazon 3

mageia 1

slackware 2

freebsd 2

cisco 2

arista 2

suse 9

fortinet 1

freebsd_advisory 1

osv 2

archlinux 1

securityvulns 2

debian 2

ubuntu 1

symantec 1

cert 1

gentoo 1

oracle 1

checkpoint_advisories

NTP Kiss-o-Death Packet Denial of Service - Ver2 (CVE-2015-7704)

2018-06-25 00:00:00

prion

Code injection

2017-08-07 20:29:00

Design/Logic Flaw

2018-03-06 20:29:00

SOL17566 - NTP vulnerability CVE-2015-7704

2015-11-05 00:00:00

K17566 : NTP vulnerability CVE-2015-7704

2015-11-10 00:00:00

K13540723 : NTP vulnerability CVE-2018-7184

2018-03-26 00:00:00

cve

CVE-2015-7704

2017-08-07 20:29:00

CVE-2018-7184

2018-03-06 20:29:00

nessus

RHEL 6 : ntp (RHSA-2015:2520)

2015-11-30 00:00:00

Rockwell Automation Stratix Denial of Service by Spoofed Kiss-o'-Death (CVE-2015-7704)

2023-11-15 00:00:00

F5 Networks BIG-IP : NTP vulnerability (K17566)

2015-11-06 00:00:00

ubuntucve

CVE-2015-7704

2015-10-22 00:00:00

CVE-2015-7705

2015-10-22 00:00:00

CVE-2018-7184

2018-03-06 00:00:00

veracode

Denial Of Service (DoS)

2019-01-15 09:08:52

redhat

(RHSA-2015:2520) Important: ntp security update

2015-11-26 00:00:00

(RHSA-2015:1930) Important: ntp security update

2015-10-26 00:00:00

openvas

CentOS Update for ntp CESA-2015:1930 centos7

2015-10-27 00:00:00

RedHat Update for ntp RHSA-2015:1930-01

2015-10-27 00:00:00

CentOS Update for ntp CESA-2015:1930 centos6

2015-10-27 00:00:00

centos

ntp, ntpdate, sntp security update

2015-10-26 15:51:06

debiancve

CVE-2018-7184

2018-03-06 20:29:00

redhatcve

CVE-2018-7184

2018-02-28 19:49:03

oraclelinux

ntp security update

2015-10-26 00:00:00

ntp security, bug fix, and enhancement update

2015-11-23 00:00:00

ntp security and bug fix update

2016-05-12 00:00:00

ibm

Security Bulletin: Vulnerabilities in Network Time Protocol (NTP) affect IBM Security Identity Governance Appliance (CVE-2015-5300 CVE-2015-7704 CVE-2015-8138 )

2018-06-16 21:41:35

Security Bulletin: Vulnerabilities in NTP affect IBM Security Network Protection (CVE-2015-5300, CVE-2015-7704, and CVE-2015-8138)

2018-06-16 21:40:41

Security Bulletin: Vulnerabilities in ntp affect Power Hardware Management Console (CVE-2015-5300, CVE-2015-7704, CVE-2015-8138)

2021-09-23 01:31:39

ics

Siemens RUGGEDCOM ROX-based Devices NTP Vulnerabilities

2018-08-27 12:00:00

Rockwell Automation Stratix 5900

2017-05-10 12:00:00

citrix

Citrix XenServer Multiple Security Updates

2017-01-25 05:00:00

fedora

[SECURITY] Fedora 23 Update: ntp-4.2.6p5-34.fc23

2015-11-02 18:55:43

[SECURITY] Fedora 21 Update: ntp-4.2.6p5-34.fc21

2015-11-04 22:51:44

[SECURITY] Fedora 22 Update: ntp-4.2.6p5-36.fc22

2016-02-21 02:33:52

amazon

Medium: ntp

2018-05-10 17:01:00

Important: ntp

2015-10-27 16:42:00

Medium: ntp

2018-05-10 17:11:00

mageia

Updated ntp packages fixes security vulnerabilities

2015-10-26 00:50:36

slackware

[slackware-security] ntp

2016-04-29 21:57:25

[slackware-security] ntp

2015-10-29 22:49:05

freebsd

ntp -- multiple vulnerabilities

2016-04-26 00:00:00

ntp -- 13 low- and medium-severity vulnerabilities

2015-10-21 00:00:00

cisco

Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016

2016-04-28 09:00:00

Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015

2015-10-21 23:00:00

arista

Security Advisory 0019

2018-04-25 00:00:00

Security Advisory 0016

2015-11-04 00:00:00

suse

Security update for ntp (important)

2016-05-12 20:09:15

Security update for ntp (important)

2016-05-18 14:10:13

Security update for ntp (important)

2016-06-01 18:08:21

fortinet

ntp-4.2.8p7 Security Vulnerability Announcement April 2016

2017-04-03 00:00:00

freebsd_advisory

FreeBSD-SA-15:25.ntp

2015-10-26 00:00:00

osv

ntp - security update

2015-11-01 00:00:00

ntp - security update

2015-10-28 00:00:00

archlinux

ntp: multiple issues

2015-10-22 00:00:00

securityvulns

ntp multiple security vulnerabilities

2015-11-01 00:00:00

[USN-2783-1] NTP vulnerabilities

2015-11-01 00:00:00

debian

[SECURITY] [DLA 335-1] ntp security update

2015-10-28 20:45:05

[SECURITY] [DSA 3388-1] ntp security update

2015-11-01 22:20:55

ubuntu

NTP vulnerabilities

2015-10-27 00:00:00

symantec

SA103 : October 2015 NTP Security Vulnerabilities

2015-11-24 08:00:00

cert

NTP.org ntpd contains multiple vulnerabilities

2016-04-27 00:00:00

gentoo

NTP: Multiple vulnerabilities

2016-07-20 00:00:00

oracle

Oracle Critical Patch Update - July 2016

2016-07-19 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

0.873 High

EPSS

Percentile

98.6%

JSON

Related for DEBIANCVE:CVE-2015-7704