cve-2018-7184
Vulnerability from cvelistv5
Published
2018-03-06 20:00
Modified
2024-08-05 06:24
Severity ?
EPSS score ?
Summary
ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704.
References
▼ | URL | Tags | |
---|---|---|---|
cve@mitre.org | http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html | Third Party Advisory, VDB Entry | |
cve@mitre.org | http://support.ntp.org/bin/view/Main/NtpBug3453 | Third Party Advisory | |
cve@mitre.org | http://www.securityfocus.com/archive/1/541824/100/0/threaded | Third Party Advisory, VDB Entry | |
cve@mitre.org | http://www.securityfocus.com/bid/103192 | Third Party Advisory, VDB Entry | |
cve@mitre.org | https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc | Third Party Advisory | |
cve@mitre.org | https://security.gentoo.org/glsa/201805-12 | Third Party Advisory | |
cve@mitre.org | https://security.netapp.com/advisory/ntap-20180626-0001/ | Third Party Advisory | |
cve@mitre.org | https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us | ||
cve@mitre.org | https://usn.ubuntu.com/3707-1/ | Third Party Advisory | |
cve@mitre.org | https://www.synology.com/support/security/Synology_SA_18_13 | Third Party Advisory |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T06:24:11.248Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html" }, { "name": "103192", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/103192" }, { "name": "GLSA-201805-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201805-12" }, { "name": "FreeBSD-SA-18:02", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20180626-0001/" }, { "name": "20180301 [Newsletter/Marketing] [slackware-security] ntp (SSA:2018-060-02)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/541824/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.ntp.org/bin/view/Main/NtpBug3453" }, { "name": "USN-3707-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "https://usn.ubuntu.com/3707-1/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.synology.com/support/security/Synology_SA_18_13" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03962en_us" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2018-02-28T00:00:00", "descriptions": [ { "lang": "en", "value": "ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the \"received\" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2019-10-31T18:06:24", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html" }, { "name": "103192", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/103192" }, { "name": "GLSA-201805-12", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201805-12" }, { "name": "FreeBSD-SA-18:02", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20180626-0001/" }, { "name": "20180301 [Newsletter/Marketing] [slackware-security] ntp (SSA:2018-060-02)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/541824/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.ntp.org/bin/view/Main/NtpBug3453" }, { "name": "USN-3707-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "https://usn.ubuntu.com/3707-1/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.synology.com/support/security/Synology_SA_18_13" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03962en_us" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2018-7184", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the \"received\" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html" }, { "name": "103192", "refsource": "BID", "url": "http://www.securityfocus.com/bid/103192" }, { "name": "GLSA-201805-12", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201805-12" }, { "name": "FreeBSD-SA-18:02", "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc" }, { "name": "https://security.netapp.com/advisory/ntap-20180626-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20180626-0001/" }, { "name": "20180301 [Newsletter/Marketing] [slackware-security] ntp (SSA:2018-060-02)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/541824/100/0/threaded" }, { "name": "http://support.ntp.org/bin/view/Main/NtpBug3453", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/NtpBug3453" }, { "name": "USN-3707-1", "refsource": "UBUNTU", "url": "https://usn.ubuntu.com/3707-1/" }, { "name": "https://www.synology.com/support/security/Synology_SA_18_13", "refsource": "CONFIRM", "url": "https://www.synology.com/support/security/Synology_SA_18_13" }, { "name": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03962en_us", "refsource": "CONFIRM", "url": "https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03962en_us" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2018-7184", "datePublished": "2018-03-06T20:00:00", "dateReserved": "2018-02-16T00:00:00", "dateUpdated": "2024-08-05T06:24:11.248Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1", "meta": { "nvd": "{\"cve\":{\"id\":\"CVE-2018-7184\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2018-03-06T20:29:01.437\",\"lastModified\":\"2020-08-24T17:37:01.140\",\"vulnStatus\":\"Modified\",\"descriptions\":[{\"lang\":\"en\",\"value\":\"ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the \\\"received\\\" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704.\"},{\"lang\":\"es\",\"value\":\"ntpd en ntp, en versiones 4.2.8p4 anteriores a la 4.2.8p11, env\u00eda paquetes malos antes de actualizar la marca de tiempo \\\"received\\\". Esto permite que atacantes remotos provoquen una denegaci\u00f3n de servicio (interrupci\u00f3n) mediante el env\u00edo de un paquete con una marca de tiempo zero-origin que provoca que la asociaci\u00f3n se restablezca y establezca el contenido del paquete como la marca de tiempo m\u00e1s reciente. Este problema es el resultado de una soluci\u00f3n incompleta para CVE-2015-7704.\"}],\"metrics\":{\"cvssMetricV30\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"3.0\",\"vectorString\":\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\",\"attackVector\":\"NETWORK\",\"attackComplexity\":\"LOW\",\"privilegesRequired\":\"NONE\",\"userInteraction\":\"NONE\",\"scope\":\"UNCHANGED\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"HIGH\",\"baseScore\":7.5,\"baseSeverity\":\"HIGH\"},\"exploitabilityScore\":3.9,\"impactScore\":3.6}],\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:N/A:P\",\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"NONE\",\"availabilityImpact\":\"PARTIAL\",\"baseScore\":5.0},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":2.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-noinfo\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p10:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BC62D4E-D519-458C-BE4E-10DDB73A97D3\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p4:*:*:*:*:*:*\",\"matchCriteriaId\":\"99C71C00-7222-483B-AEFB-159337BD3C92\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p5:*:*:*:*:*:*\",\"matchCriteriaId\":\"75A9AA28-1B20-44BB-815C-7294A53E910E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p6:*:*:*:*:*:*\",\"matchCriteriaId\":\"8C213794-111D-41F3-916C-AD97F731D600\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p7:*:*:*:*:*:*\",\"matchCriteriaId\":\"50811A7B-0379-4437-8737-B4C1ACBC9EFD\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p8:*:*:*:*:*:*\",\"matchCriteriaId\":\"F12E4CF5-536C-416B-AD8D-6AE7CBE22C71\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.8:p9:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE002C76-406D-4F22-B738-E17BDEA70BCC\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:synology:diskstation_manager:5.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"416E0865-B437-493B-AE38-C24B6037B78E\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:synology:diskstation_manager:6.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"048C2114-ECF7-422E-B68C-84BF193F59C8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:synology:diskstation_manager:6.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"752FBED9-088B-495C-ACF2-F281C0A8F807\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:synology:router_manager:1.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"46261C28-E276-4639-BA3D-A735B02599F8\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:synology:skynas:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7C997777-BE79-4F77-90D7-E1A71D474D88\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:synology:virtual_diskstation_manager:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F5342AD6-8273-4215-BA0F-1457A628DB14\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:synology:vs960hd_firmware:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"3D0C5120-B961-440F-B454-584BC54B549C\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:slackware:slackware_linux:14.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"936EF68B-2A93-402C-BED4-20E6EDB2F102\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:slackware:slackware_linux:14.1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"F1B46F08-93A8-49D9-AC5D-43E19C062FFA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:slackware:slackware_linux:14.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"D65ED7B3-FD80-4D2B-B11D-AAABB34C49CA\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"B5A6F2F3-4894-4392-8296-3B8DD2679084\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:16.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"F7016A2A-8365-4F1A-89A2-7A19F2BCAE5B\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:17.10:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"9070C9D8-A14A-467F-8253-33B966C16886\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:o:canonical:ubuntu_linux:18.04:*:*:*:lts:*:*:*\",\"matchCriteriaId\":\"23A7C53F-B80F-4E6A-AFA9-58EEA84BE11D\"}]}]},{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:cloud_backup:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"5C2089EE-5D7F-47EC-8EA5-0F69790564C4\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:netapp:steelstore_cloud_integrated_storage:-:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E94F7F59-1785-493F-91A7-5F5EA5E87E4D\"}]}]}],\"references\":[{\"url\":\"http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://support.ntp.org/bin/view/Main/NtpBug3453\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"http://www.securityfocus.com/archive/1/541824/100/0/threaded\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"http://www.securityfocus.com/bid/103192\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\",\"VDB Entry\"]},{\"url\":\"https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.gentoo.org/glsa/201805-12\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://security.netapp.com/advisory/ntap-20180626-0001/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbux03962en_us\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://usn.ubuntu.com/3707-1/\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]},{\"url\":\"https://www.synology.com/support/security/Synology_SA_18_13\",\"source\":\"cve@mitre.org\",\"tags\":[\"Third Party Advisory\"]}]}}" } }
Loading...
Loading...
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.