
CVE-2018-7182

Published: 06/03/2018 Updated: 31/10/2019
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 505
Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Vulnerability Summary

The ctl_getitem method in ntpd in ntp-4.2.8p6 prior to 4.2.8p11 allows remote malicious users to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet sent to an ntpd instance from 4.2.8p6 up to and including 4.2.8p10.

Vulnerable Product

ntp ntp 4.2.8

canonical ubuntu linux 17.10

canonical ubuntu linux 18.04

netapp element software -

Vendor Advisories

Several security issues were fixed in NTP ...
Ephemeral association time spoofing additional protection: ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an ...
The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with an ntpd instance from 4.2.8p6 through 4.2.8p10 ...
ctl_getitem() is used by ntpd to process incoming mode 6 packets. A malicious mode 6 packet can be sent to an ntpd instance, and if the ntpd instance is from 4.2.8p6 thru 4.2.8p10, that will cause ctl_getitem() to read past the end of its buffer ...

Exploits

# Exploit Title: ntpd 4.2.8p10 - Out-of-Bounds Read (PoC)
# Bug Discovery: Yihan Lian, a security researcher of Qihoo 360 GearTeam
# Exploit Author: Magnus Klaaborg Stubman (@magnusstubman)
# Website: dumpco.re/blog/cve-2018-7182
# Vendor Homepage: www.ntp.org/
# Software Link: www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/n ...
ntpd version 4.2.8p10 out-of-bounds read proof of concept exploit ...