Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

CVE ID:CVE-2018-7170
Description:ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-2016-1549.
Test IDs: 1.3.6.1.4.1.25623.1.0.812793   1.3.6.1.4.1.25623.1.0.875015   1.3.6.1.4.1.25623.1.0.852083   1.3.6.1.4.1.25623.1.0.852021   1.3.6.1.4.1.25623.1.1.4.2018.3342.1   1.3.6.1.4.1.25623.1.1.4.2018.3351.1   1.3.6.1.4.1.25623.1.1.4.2018.3356.1   1.3.6.1.4.1.25623.1.1.4.2018.3386.1   1.3.6.1.4.1.25623.1.1.4.2018.3352.1  
Cross References: Common Vulnerability Exposure (CVE) ID: CVE-2018-7170
BugTraq ID: 103194
http://www.securityfocus.com/bid/103194
Bugtraq: 20180301 [Newsletter/Marketing] [slackware-security] ntp (SSA:2018-060-02) (Google Search)
http://www.securityfocus.com/archive/1/541824/100/0/threaded
FreeBSD Security Advisory: FreeBSD-SA-18:02
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc
https://security.gentoo.org/glsa/201805-12
http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html
https://bugzilla.redhat.com/show_bug.cgi?id=1550214




© 1998-2021 E-Soft Inc. All rights reserved.