Описание
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."
Пакеты
| Пакет | Статус | Версия исправления | Релиз | Тип |
|---|---|---|---|---|
| ntp | fixed | 1:4.2.8p9+dfsg-1 | package | |
| ntp | not-affected | jessie | package | |
| ntp | not-affected | wheezy | package |
Примечания
http://support.ntp.org/bin/view/Main/NtpBug3067
Although the CVE is only for the issue introduced by the fix for
http://bugs.ntp.org/show_bug.cgi?id=2085, he root-distance calculation
itself in general is incorrect in all version of ntp-4 until ntp-4.2.8p9
EPSS
Связанные уязвимости
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."
EPSS