CVE-2018-7184

NONE EPSS 94.6%
Published Mar 6, 20188y ago · Modified Jun 17, 20262w ago
Find Similar
Published Mar 6, 2018 8y ago
Last Modified Jun 17, 2026 2w ago

Description

ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704.

Threat Intelligence

EPSS Exploit Probability
94.6% percentile
Exploit & Patch Status
No Known Exploit
No Patch Available

Affected Products 23

VendorProductVersionRange
ntpntp4.2.8any
ntpntp4.2.8any
ntpntp4.2.8any
ntpntp4.2.8any
ntpntp4.2.8any
ntpntp4.2.8any
ntpntp4.2.8any
synologyrouter_manager1.1any
synologyskynas*any
synologyvirtual_diskstation_manager*any
synologydiskstation_manager5.2any
synologydiskstation_manager6.0any
synologydiskstation_manager6.1any
synologyvs960hd_firmware*any
slackwareslackware_linux14.0any
slackwareslackware_linux14.1any
slackwareslackware_linux14.2any
canonicalubuntu_linux14.04any
canonicalubuntu_linux16.04any
canonicalubuntu_linux17.10any
canonicalubuntu_linux18.04any
netappcloud_backup*any
netappsteelstore_cloud_integrated_storage*any

References 10

  • packetstormsecurity.com http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html
    Third Party AdvisoryVDB Entry
  • support.ntp.org http://support.ntp.org/bin/view/Main/NtpBug3453
    Third Party Advisory
  • securityfocus.com http://www.securityfocus.com/archive/1/541824/100/0/threaded
    Third Party AdvisoryVDB Entry
  • securityfocus.com http://www.securityfocus.com/bid/103192
    Third Party AdvisoryVDB Entry
  • security.freebsd.org https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc
    Third Party Advisory
  • security.gentoo.org https://security.gentoo.org/glsa/201805-12
    Third Party Advisory
  • security.netapp.com https://security.netapp.com/advisory/ntap-20180626-0001/
    Third Party Advisory
  • support.hpe.com https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us
  • usn.ubuntu.com https://usn.ubuntu.com/3707-1/
    Third Party Advisory
  • synology.com https://www.synology.com/support/security/Synology_SA_18_13
    Third Party Advisory

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.