Описание
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."
A flaw was found in the way ntpd calculated the root delay. A remote attacker could send a specially-crafted spoofed packet to cause denial of service or in some special cases even crash.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 5 | ntp | Not affected | ||
| Red Hat Enterprise Linux 6 | ntp | Fixed | RHSA-2017:0252 | 06.02.2017 |
| Red Hat Enterprise Linux 7 | ntp | Fixed | RHSA-2017:0252 | 06.02.2017 |
Показывать по
Дополнительная информация
Статус:
2.9 Low
CVSS3
1.2 Low
CVSS2
Связанные уязвимости
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."
NTP before 4.2.8p9 does not properly perform the initial sync calculat ...
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."
2.9 Low
CVSS3
1.2 Low
CVSS2