Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2020-13817

Опубликовано: 04 июн. 2020
Источник: ubuntu
Приоритет: low
EPSS Низкий
CVSS2: 5.8
CVSS3: 7.4

Описание

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.

РелизСтатусПримечание
bionic

ignored

end of standard support, was needs-triage
devel

DNE

eoan

ignored

end of life
esm-apps/bionic

needs-triage

esm-apps/focal

needs-triage

esm-apps/jammy

needs-triage

esm-infra-legacy/trusty

needs-triage

esm-infra/xenial

needs-triage

focal

ignored

end of standard support, was needs-triage
groovy

ignored

end of life

Показывать по

Ссылки на источники

EPSS

Процентиль: 58%
0.00375
Низкий

5.8 Medium

CVSS2

7.4 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2020-13817

CVSS3: 7.4
redhat
больше 5 лет назад

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.

nvd логотип

CVE-2020-13817

CVSS3: 7.4
nvd
около 5 лет назад

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.

debian логотип

CVE-2020-13817

CVSS3: 7.4
debian
около 5 лет назад

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote att ...

github логотип

GHSA-fx6x-7xgx-2wwp

CVSS3: 7.4
github
около 3 лет назад

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.

fstec логотип

BDU:2024-07287

CVSS3: 5.9
fstec
около 6 лет назад

Уязвимость реализации протокола синхронизации времени NTP, связанная с использованием недостаточно случайных значений, позволяющая нарушителю вызвать отказ в обслуживании

EPSS

Процентиль: 58%
0.00375
Низкий

5.8 Medium

CVSS2

7.4 High

CVSS3