cbcvebase.
CVE-2018-7184
published 2018-03-06

CVE-2018-7184: ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service…

PriorityP341high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
EPSS
8.86%
94.6th percentile
ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704.

Affected

24 ranges
VendorProductVersion rangeFixed in
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
canonicalubuntu_linux
debianntp< ntp 1:4.2.8p11+dfsg-1 (bullseye)ntp 1:4.2.8p11+dfsg-1 (bullseye)
debianntpsec< ntp 1:4.2.8p11+dfsg-1 (bullseye)ntp 1:4.2.8p11+dfsg-1 (bullseye)
ntpntp
ntpntp
ntpntp
ntpntp
ntpntp
ntpntp
ntpntp
ntpntp>= 0 < 1:4.2.8p11+dfsg-11:4.2.8p11+dfsg-1
ntpntp>= 0 < 1:4.2.6.p5+dfsg-3ubuntu2.14.04.131:4.2.6.p5+dfsg-3ubuntu2.14.04.13
ntpntp>= 0 < 1:4.2.8p4+dfsg-3ubuntu5.91:4.2.8p4+dfsg-3ubuntu5.9
ntpntp>= 0 < 1:4.2.8p10+dfsg-5ubuntu7.11:4.2.8p10+dfsg-5ubuntu7.1
slackwareslackware_linux
slackwareslackware_linux
slackwareslackware_linux
synologydiskstation_manager
synologydiskstation_manager
synologydiskstation_manager
synologyrouter_manager

CVSS provenance

nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv2.05.0MEDIUMAV:N/AC:L/Au:N/C:N/I:N/A:P
osv7.5HIGH
vendor_debian7.5LOW
vendor_redhat7.5HIGH
vendor_ubuntu7.5HIGH
Stop checking back — get the weekly exploitation signal.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.