CVE-2015-8138

Опубликовано: 30 янв. 2017

Источник: ubuntu

Приоритет: medium

EPSS Низкий

CVSS2: 5

CVSS3: 5.3

Описание

NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.

Релиз	Статус	Примечание
devel	not-affected	1:4.2.8p4+dfsg-3ubuntu6
esm-infra-legacy/trusty	released	1:4.2.6.p5+dfsg-3ubuntu2.14.04.10
esm-infra/xenial	released	1:4.2.8p4+dfsg-3ubuntu5.3
precise	released	1:4.2.6.p3+dfsg-1ubuntu3.11
precise/esm	not-affected	1:4.2.6.p3+dfsg-1ubuntu3.11
trusty	released	1:4.2.6.p5+dfsg-3ubuntu2.14.04.10
trusty/esm	released	1:4.2.6.p5+dfsg-3ubuntu2.14.04.10
upstream	released	4.2.8p6
vivid	ignored	end of life
vivid/stable-phone-overlay	ignored	end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 89%

0.04814

Низкий

5 Medium

CVSS2

5.3 Medium

CVSS3

Связанные уязвимости

CVE-2015-8138

redhat

больше 9 лет назад

NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.

CVE-2015-8138

CVSS3: 5.3

nvd

больше 8 лет назад

NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.

CVE-2015-8138

CVSS3: 5.3

debian

больше 8 лет назад

NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to ...

GHSA-5mf2-6mvq-v64v

CVSS3: 5.3

github

больше 3 лет назад

NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.

ELSA-2016-0063

oracle-oval

больше 9 лет назад

ELSA-2016-0063: ntp security update (IMPORTANT)

EPSS

Процентиль: 89%

0.04814

Низкий

5 Medium

CVSS2

5.3 Medium

CVSS3

CVE-2015-8138

Описание

Пакет ntp

Ссылки на источники

Связанные уязвимости