CVE-2018-7185
Description
The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the other side of an interleaved association causing the victim ntpd to reset its association.
Risk Information
Base Score
7.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
2.92
Associated Vulnerability
| Vulnerability | OS Platform |
|---|---|
| Network Time Protocol daemon and utility programs (USN-3707-1) ntp_4.2.8p4+dfsg-3ubuntu5.9_i386.deb | Linux |
| Network Time Protocol daemon and utility programs (USN-3707-1) ntp_4.2.8p4+dfsg-3ubuntu5.9_amd64.deb | Linux |
| Network Time Protocol daemon and utility programs (USN-3707-1) ntp_4.2.8p10+dfsg-5ubuntu3.3_i386.deb | Linux |
| Network Time Protocol daemon and utility programs (USN-3707-1) ntp_4.2.8p10+dfsg-5ubuntu3.3_amd64.deb | Linux |
| Network Time Protocol daemon and utility programs (USN-3707-1) ntp_4.2.8p10+dfsg-5ubuntu7.1_i386.deb | Linux |
| Network Time Protocol daemon and utility programs (USN-3707-1) ntp_4.2.8p10+dfsg-5ubuntu7.1_amd64.deb | Linux |
| Network Time Protocol daemon and utility programs (USN-3707-1) ntp_4.2.6.p5+dfsg-3ubuntu2.14.04.13_i386.deb | Linux |
| Network Time Protocol daemon and utility programs (USN-3707-1) ntp_4.2.6.p5+dfsg-3ubuntu2.14.04.13_amd64.deb | Linux |
| CVE-2018-7185 | NCM |
Patch Details
No records foundReferences
https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234