CVE-2018-17176

A replay issue was discovered on Neato Botvac Connected 2.2.0 devices. Manual control mode requires authentication, but once recorded, the authentication always transmitted in cleartext can be replayed to /bin/webserver on port 8081. There are no nonces, and timestamps are not checked at all...

USN-3096-1: NTP vulnerabilities

Aanchal Malhotra discovered that NTP incorrectly handled authenticated broadcast mode. A remote attacker could use this issue to perform a replay attack. CVE-2015-7973 Matt Street discovered that NTP incorrectly verified peer associations of symmetric keys. A remote attacker could use this issue ...

Network Time Protocol Daemon (ntpd) 4.x < 4.2.8p8 / 4.3.x < 4.3.93 Multiple Vulnerabilities

The version of the remote NTP server is 4.x prior to 4.2.8p8 or 4.3.x prior to 4.3.93. It is, therefore, affected by the following vulnerabilities : - A denial of service vulnerability exists when handling authentication due to improper packet timestamp checks. An unauthenticated, remote attacker...

NTP Timestamp Bypass Vulnerability

NTP is a network protocol that synchronizes the clocks of two computers by exchanging packets. A security vulnerability in NTP allows a local attacker to perform a man-in-the-middle attack by sending packets with zero timestamps, bypassing the source timestamp restriction...

ntp: disabling synchronization via crafted KoD packet

It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. A remote attacker could use this flaw to send a crafted Kiss-of-Death packet to an ntpd client that would increase the client's polling interval value, and effectively disable synchronization with...