CVE-2016-7431

Опубликовано: 13 янв. 2017

Источник: debian

EPSS Средний

Описание

NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
ntp	fixed	1:4.2.8p9+dfsg-1		package
ntp	not-affected		jessie	package
ntp	not-affected		wheezy	package

Примечания

http://support.ntp.org/bin/view/Main/NtpBug3102

EPSS

Процентиль: 95%

0.19912

Средний

Связанные уязвимости

CVE-2016-7431

CVSS3: 5.3

ubuntu

больше 8 лет назад

NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression.

CVE-2016-7431

CVSS3: 5.3

redhat

больше 8 лет назад

NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression.

CVE-2016-7431

CVSS3: 5.3

nvd

больше 8 лет назад

NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression.

GHSA-27gj-3475-hjqq

CVSS3: 5.3

github

около 3 лет назад

NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression.

openSUSE-SU-2016:3280-1

suse-cvrf

больше 8 лет назад

Security update for ntp

EPSS

Процентиль: 95%

0.19912

Средний