ntpd in ntp prior to 4.2.8p14 and 4.3.x prior to 4.3.100 allows an off-path malicious user to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ntp ntp 4.2.8 |
||
ntp ntp |
||
redhat enterprise linux 7.0 |
||
netapp clustered data ontap - |
||
netapp virtual storage console |
||
netapp data ontap - |
||
netapp vasa provider for clustered data ontap |
||
netapp solidfire - |
||
netapp hci management node - |
||
netapp hci_storage_node_firmware - |
||
netapp fabric-attached_storage_8300_firmware - |
||
netapp fabric-attached_storage_8700_firmware - |
||
netapp fabric-attached_storage_a400_firmware - |
||
netapp all_flash_fabric-attached_storage_8300_firmware - |
||
netapp all_flash_fabric-attached_storage_8700_firmware - |
||
netapp all_flash_fabric-attached_storage_a400_firmware - |
||
debian debian linux 8.0 |
||
opensuse leap 15.1 |
||
opensuse leap 15.2 |