6.4 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
0.963 High
EPSS
Percentile
99.5%
ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote
attackers to cause a denial of service (CPU and bandwidth consumption) by
using MODE_PRIVATE to send a spoofed (1) request or (2) response packet
that triggers a continuous exchange of MODE_PRIVATE error responses between
two NTP daemons.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
ubuntu | 6.06 | noarch | ntp | <Β 1:4.2.0a+stable-8.1ubuntu6.3 | UNKNOWN |
ubuntu | 8.04 | noarch | ntp | <Β 1:4.2.4p4+dfsg-3ubuntu2.3 | UNKNOWN |
ubuntu | 8.10 | noarch | ntp | <Β 1:4.2.4p4+dfsg-6ubuntu2.4 | UNKNOWN |
ubuntu | 9.04 | noarch | ntp | <Β 1:4.2.4p4+dfsg-7ubuntu5.2 | UNKNOWN |
ubuntu | 9.10 | noarch | ntp | <Β 1:4.2.4p6+dfsg-1ubuntu5.1 | UNKNOWN |