Published: 06/05/2020 Updated: 19/07/2020

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 5.3 | Impact Score: 1.4 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote malicious users to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or control a slave in that broadcast network that can capture certain required packets on the attacker's behalf and send them to the attacker.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ntp ntp 4.2.8

ntpd in ntp 428p10, 428p11, 428p12 and 428p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets The attacker must either be a part of the same broadcast network or control a slave in that broadcast network that can capture certain required pack ...

CWE-20 http://www.ntp.org/https://tools.ietf.org/html/rfc5905 https://nikhiltripathi.in/NTP_attack.pdf https://arxiv.org/abs/2005.01783 https://security.netapp.com/advisory/ntap-20200518-0006/http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2020-07/msg00044.html https://nvd.nist.gov https://security.archlinux.org/CVE-2018-8956

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2018-8956

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect