Linux Distros Unpatched Vulnerability : CVE-2016-1549

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earli...

Synology DiskStation Manager NTPD Victim's Clock Modification (CVE-2018-7170)

ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an...

SUSE CVE-2016-1549

A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock...

SUSE SLES12 Security Update : ntp (SUSE-SU-2020:1805-1)

This update for ntp fixes the following issues : ntp was updated to 4.2.8p15 CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address frequently send to the client ntpd could have caused denial of service bsc1169740. CVE-2018-8956: Fixed an issue which could have...

CVE-2020-13817

A high-performance ntpd instance that gets its time from unauthenticated IPv4 time sources may be vulnerable to an off-path attacker who can query time from the victim's ntpd instance. An attacker who can send a large number of packets with the spoofed IPv4 address of the upstream server can use...

Medium: ntp

Issue Overview: Ephemeral association time spoofing additional protection ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modif...

Code injection

ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an...

CVE-2018-7170

ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an...

CVE-2018-7170

CVE-2018-7170 affects ntp’s ntpd component in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92. An authenticated attacker who knows a private symmetric key can create many ephemeral associations to win the clock selection (Sybil attack) and modify a victim’s clock. The issue arises from an incomp...

PT-2018-2021 · Ntp +5 · Ntp +5

Name of the Vulnerable Software and Affected Versions: ntp versions 4.2.6 through 4.2.8p10 Description: The issue is related to the implementation of the NTP protocol, specifically with insufficient input validation. This can be exploited by a remote attacker to cause a denial of service by sendi...

CVE-2018-7170

A flaw was found in ntpd making it vulnerable to Sybil attacks. An authenticated attacker could target systems configured to use a trusted key in certain configurations and to create an arbitrary number of associations and subsequently modify a victim's clock...

PT-2018-2209 · Ntp +4 · Ntp +4

Name of the Vulnerable Software and Affected Versions: ntp versions 4.2.x through 4.2.8p6 ntp versions 4.3.x through 4.3.91 Description: The issue is related to errors in key management in the ntpd implementation of the NTP protocol, allowing a remote attacker to impact the integrity of protected...

DEBIAN-CVE-2016-1549

A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock...

CVE-2016-1549

CVE-2016-1549 affects ntpd; a malicious authenticated peer can create arbitrarily-many ephemeral associations to win the clock selection and modify a victim’s clock. Affected versions: ntpd 4.2.8p4 and earlier. Remediation: upgrade ntp/ntpd to a fixed release (upstream fix vs. later advisories in...