ntpd in ntp prior to 4.2.8p14 and 4.3.x prior to 4.3.100 allows remote malicious users to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ntp ntp 4.2.8 |
||
ntp ntp |
||
netapp cloud backup - |
||
netapp element software - |
||
netapp steelstore cloud integrated storage - |
||
netapp clustered data ontap - |
||
netapp data ontap - |
||
netapp solidfire - |
||
netapp hci management node - |
||
netapp ontap tools - |
||
netapp hci compute node firmware - |
||
netapp h410c firmware - |
||
netapp h300s firmware - |
||
netapp h500s firmware - |
||
netapp h700s firmware - |
||
netapp h300e firmware - |
||
netapp h500e firmware - |
||
netapp h700e firmware - |
||
netapp h410s firmware - |
||
opensuse leap 15.1 |
||
opensuse leap 15.2 |
||
fujitsu m10-1 firmware |
||
fujitsu m10-4 firmware |
||
fujitsu m10-4s firmware |
||
fujitsu m12-1 firmware |
||
fujitsu m12-2 firmware |
||
fujitsu m12-2s firmware |