The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10.

References

bugzilla.redhat.com/show_bug.cgi?id=1550208

ubuntucve 2

packetstorm 1

zdt 1

debiancve 1

f5 1

exploitpack 1

cve 1

prion 1

exploitdb 1

osv 2

openvas 14

ubuntu 3

nessus 16

ibm 5

cloudfoundry 1

gentoo 1

slackware 1

fedora 3

freebsd 1

freebsd_advisory 1

archlinux 1

mageia 1

symantec 1

aix 1

amazon 2

photon 2

ubuntucve

CVE-2018-7182

2018-03-06 00:00:00

CVE-2019-8936

2019-05-15 00:00:00

packetstorm

ntpd 4.2.8p10 Out-Of-Bounds Read

2018-11-15 00:00:00

zdt

ntpd 4.2.8p10 - Out-of-Bounds Read Exploit

2018-11-14 00:00:00

debiancve

CVE-2018-7182

2018-03-06 20:29:00

K38742515 : NTP vulnerability CVE-2018-7182

2018-03-12 00:00:00

exploitpack

ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)

2018-11-14 00:00:00

cve

CVE-2018-7182

2018-03-06 20:29:00

prion

Out-of-bounds

2018-03-06 20:29:00

exploitdb

ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)

2018-11-14 00:00:00

osv

ntp vulnerability

2020-10-01 21:04:43

ntp vulnerability

2021-04-20 13:38:45

openvas

Ubuntu: Security Advisory (USN-4563-2)

2021-04-21 00:00:00

Ubuntu: Security Advisory (USN-4563-1)

2020-10-02 00:00:00

NTP.org 'ntpd' 'ctl_getitem()' And 'decodearr()' Multiple Vulnerabilities

2018-03-07 00:00:00

ubuntu

NTP vulnerability

2021-04-20 00:00:00

NTP vulnerability

2020-10-01 00:00:00

NTP vulnerabilities

2018-07-09 00:00:00

nessus

Symantec Content Analysis < 2.3.5.1 affected by Multiple Vulnerabilities (SYMSA1451)

2019-05-30 00:00:00

Ubuntu 14.04 LTS / 16.04 LTS / 18.04 LTS : NTP vulnerabilities (USN-3707-1)

2018-07-10 00:00:00

GLSA-201805-12 : NTP: Multiple vulnerabilities

2018-05-29 00:00:00

ibm

Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in NTP

2023-12-07 22:31:02

Security Bulletin: Vulnerabilities in ntp affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems

2023-12-07 22:30:58

Security Bulletin: Vulnerabilities in NTP affect QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module for IBM BladeCenter and IBM Flex System FC3171 8Gb SAN Switch & SAN Pass-thru

2023-12-07 22:31:02

cloudfoundry

USN-3707-1: NTP vulnerabilities | Cloud Foundry

2018-07-19 00:00:00

gentoo

NTP: Multiple vulnerabilities

2018-05-26 00:00:00

slackware

[slackware-security] ntp

2018-03-01 23:49:07

fedora

[SECURITY] Fedora 27 Update: ntp-4.2.8p11-1.fc27

2018-03-27 20:16:30

[SECURITY] Fedora 26 Update: ntp-4.2.8p11-1.fc26

2018-03-27 19:30:28

[SECURITY] Fedora 27 Update: ntp-4.2.8p12-1.fc27

2018-09-26 20:17:54

freebsd

ntp -- multiple vulnerabilities

2018-02-27 00:00:00

freebsd_advisory

FreeBSD-SA-18:02.ntp

2018-03-07 00:00:00

archlinux

[ASA-201803-11] ntp: multiple issues

2018-03-16 00:00:00

mageia

Updated ntp packages fix security vulnerabilities

2018-04-07 01:54:47

symantec

SA165: NTP Vulnerabilities February 2018

2018-04-26 08:00:00

aix

Vulnerabilities in NTP affect AIX,Vulnerabilities in NTP affect VIOS

2018-08-14 14:48:57

amazon

Medium: ntp

2018-05-10 17:01:00

Medium: ntp

2018-05-10 17:11:00

photon

Home Download Photon OS User Documentation FAQ Security Advisories Related Information Lightwave - PHSA-2018-1.0-0167

2018-07-27 00:00:00

Critical Photon OS Security Update - PHSA-2018-0167

2018-07-27 00:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

JSON

Related for RH:CVE-2018-7182