The process_packet function in ntp_proto.c in ntpd in NTP 4.x prior to 4.2.8p8 allows remote malicious users to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ntp ntp |
||
ntp ntp 4.2.8 |
||
oracle solaris 10 |
||
oracle solaris 11.3 |
||
suse manager 2.1 |
||
suse manager proxy 2.1 |
||
suse openstack cloud 5 |
||
opensuse leap 42.1 |
||
opensuse opensuse 13.2 |
||
suse linux enterprise desktop 12 |
||
suse linux enterprise server 11 |
||
suse linux enterprise server 12 |
||
siemens simatic net cp 443-1 opc ua firmware |
||
siemens tim 4r-ie firmware |
||
siemens tim 4r-ie dnp3 firmware |