ntpd in ntp prior to 4.2.8p14 and 4.3.x prior to 4.3.100 allows remote malicious users to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ntp ntp |
||
ntp ntp 4.2.8 |
||
netapp cloud backup - |
||
netapp clustered data ontap - |
||
netapp data ontap - |
||
netapp element software - |
||
netapp hci management node - |
||
netapp ontap tools - |
||
netapp solidfire - |
||
netapp steelstore cloud integrated storage - |
||
netapp hci_compute_node_firmware - |
||
netapp h410c_firmware - |
||
netapp h300s_firmware - |
||
netapp h500s_firmware - |
||
netapp h700s_firmware - |
||
netapp h300e_firmware - |
||
netapp h500e_firmware - |
||
netapp h700e_firmware - |
||
netapp h410s_firmware - |
||
opensuse leap 15.1 |
||
opensuse leap 15.2 |
||
fujitsu m10-1_firmware |
||
fujitsu m10-4_firmware |
||
fujitsu m10-4s_firmware |
||
fujitsu m12-1_firmware |
||
fujitsu m12-2_firmware |
||
fujitsu m12-2s_firmware |