fkie_cve-2015-8138
Vulnerability from fkie_nvd
Published
2017-01-30 21:59
Modified
2025-04-20 01:37
Severity ?
Summary
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.
References
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ntp | ntp | * | |
| ntp | ntp | 4.3.0 | |
| ntp | ntp | 4.3.1 | |
| ntp | ntp | 4.3.2 | |
| ntp | ntp | 4.3.3 | |
| ntp | ntp | 4.3.4 | |
| ntp | ntp | 4.3.5 | |
| ntp | ntp | 4.3.6 | |
| ntp | ntp | 4.3.7 | |
| ntp | ntp | 4.3.8 | |
| ntp | ntp | 4.3.10 | |
| ntp | ntp | 4.3.11 | |
| ntp | ntp | 4.3.12 | |
| ntp | ntp | 4.3.13 | |
| ntp | ntp | 4.3.14 | |
| ntp | ntp | 4.3.15 | |
| ntp | ntp | 4.3.16 | |
| ntp | ntp | 4.3.17 | |
| ntp | ntp | 4.3.18 | |
| ntp | ntp | 4.3.19 | |
| ntp | ntp | 4.3.20 | |
| ntp | ntp | 4.3.21 | |
| ntp | ntp | 4.3.22 | |
| ntp | ntp | 4.3.23 | |
| ntp | ntp | 4.3.24 | |
| ntp | ntp | 4.3.25 | |
| ntp | ntp | 4.3.26 | |
| ntp | ntp | 4.3.27 | |
| ntp | ntp | 4.3.28 | |
| ntp | ntp | 4.3.29 | |
| ntp | ntp | 4.3.30 | |
| ntp | ntp | 4.3.31 | |
| ntp | ntp | 4.3.32 | |
| ntp | ntp | 4.3.33 | |
| ntp | ntp | 4.3.34 | |
| ntp | ntp | 4.3.35 | |
| ntp | ntp | 4.3.36 | |
| ntp | ntp | 4.3.37 | |
| ntp | ntp | 4.3.38 | |
| ntp | ntp | 4.3.39 | |
| ntp | ntp | 4.3.40 | |
| ntp | ntp | 4.3.41 | |
| ntp | ntp | 4.3.42 | |
| ntp | ntp | 4.3.43 | |
| ntp | ntp | 4.3.44 | |
| ntp | ntp | 4.3.45 | |
| ntp | ntp | 4.3.46 | |
| ntp | ntp | 4.3.47 | |
| ntp | ntp | 4.3.48 | |
| ntp | ntp | 4.3.49 | |
| ntp | ntp | 4.3.50 | |
| ntp | ntp | 4.3.51 | |
| ntp | ntp | 4.3.52 | |
| ntp | ntp | 4.3.53 | |
| ntp | ntp | 4.3.54 | |
| ntp | ntp | 4.3.55 | |
| ntp | ntp | 4.3.56 | |
| ntp | ntp | 4.3.57 | |
| ntp | ntp | 4.3.58 | |
| ntp | ntp | 4.3.59 | |
| ntp | ntp | 4.3.60 | |
| ntp | ntp | 4.3.61 | |
| ntp | ntp | 4.3.62 | |
| ntp | ntp | 4.3.63 | |
| ntp | ntp | 4.3.64 | |
| ntp | ntp | 4.3.65 | |
| ntp | ntp | 4.3.66 | |
| ntp | ntp | 4.3.67 | |
| ntp | ntp | 4.3.68 | |
| ntp | ntp | 4.3.69 | |
| ntp | ntp | 4.3.70 | |
| ntp | ntp | 4.3.71 | |
| ntp | ntp | 4.3.72 | |
| ntp | ntp | 4.3.73 | |
| ntp | ntp | 4.3.74 | |
| ntp | ntp | 4.3.75 | |
| ntp | ntp | 4.3.76 | |
| ntp | ntp | 4.3.77 | |
| ntp | ntp | 4.3.78 | |
| ntp | ntp | 4.3.79 | |
| ntp | ntp | 4.3.80 | |
| ntp | ntp | 4.3.81 | |
| ntp | ntp | 4.3.82 | |
| ntp | ntp | 4.3.83 | |
| ntp | ntp | 4.3.84 | |
| ntp | ntp | 4.3.85 | |
| ntp | ntp | 4.3.86 | |
| ntp | ntp | 4.3.87 | |
| ntp | ntp | 4.3.88 | |
| ntp | ntp | 4.3.89 |
{ configurations: [ { nodes: [ { cpeMatch: [ { criteria: "cpe:2.3:a:ntp:ntp:*:p5:*:*:*:*:*:*", matchCriteriaId: "99442254-E77A-43F7-8A9B-FC918AC336A6", versionEndIncluding: "4.2.8", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.0:*:*:*:*:*:*:*", matchCriteriaId: "0C1CCF6F-74C6-42D7-B88B-36ED73BB1F8D", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.1:*:*:*:*:*:*:*", matchCriteriaId: "B23D9009-DF45-44C1-80DF-CEEC9B9E3F20", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.2:*:*:*:*:*:*:*", matchCriteriaId: "43921601-667E-4415-83BE-E5B39D969BD3", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.3:*:*:*:*:*:*:*", matchCriteriaId: "75DD9C02-0C46-4785-8D77-C5465E4ED967", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.4:*:*:*:*:*:*:*", matchCriteriaId: "A497BADE-0516-494F-89FA-EAFC6AD17F7A", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.5:*:*:*:*:*:*:*", matchCriteriaId: "4298439A-EAF2-4CAA-990B-4AA37E7A0E8D", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.6:*:*:*:*:*:*:*", matchCriteriaId: "30E9C822-C04A-4908-9596-76F9FB561206", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.7:*:*:*:*:*:*:*", matchCriteriaId: "12EBD400-8EC1-4F9C-B600-85B8FF3BDEA4", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.8:*:*:*:*:*:*:*", matchCriteriaId: "BE6CFF4C-2620-4FD6-91A2-C0D0DAA4287D", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.10:*:*:*:*:*:*:*", matchCriteriaId: "121ED6C5-8985-4DEF-9040-2AC63582E596", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.11:*:*:*:*:*:*:*", matchCriteriaId: "566B4B99-8B4F-4ED8-B2DC-D90EC71ECB99", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.12:*:*:*:*:*:*:*", matchCriteriaId: "68499DA4-64EF-412F-A434-8E0F78D77CE9", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.13:*:*:*:*:*:*:*", matchCriteriaId: "836C5AC9-463F-4703-81B9-7B5484F47A5F", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.14:*:*:*:*:*:*:*", matchCriteriaId: "FED14811-8F49-4796-BADD-DB7973EC32DF", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.15:*:*:*:*:*:*:*", matchCriteriaId: "D4EB2830-ADE5-4C87-964E-16748BF88EF6", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.16:*:*:*:*:*:*:*", matchCriteriaId: "8C0284FD-2933-4160-80D2-53B32CD73287", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.17:*:*:*:*:*:*:*", matchCriteriaId: "D9AB963A-7284-433F-9890-5AE402E4E000", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.18:*:*:*:*:*:*:*", matchCriteriaId: "EEDEFF7A-D964-4D9A-93BF-41E9D16EA793", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.19:*:*:*:*:*:*:*", matchCriteriaId: "9C434153-911C-4F07-ADD0-0EAB47F96E89", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.20:*:*:*:*:*:*:*", matchCriteriaId: "8183B043-8B96-4A8B-A5C9-544D4F1CED8D", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.21:*:*:*:*:*:*:*", matchCriteriaId: "6DE349AB-44CB-4263-80CE-59DFD572B363", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.22:*:*:*:*:*:*:*", matchCriteriaId: "3DB55DF6-567F-4B6A-81E1-9013914416D9", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.23:*:*:*:*:*:*:*", matchCriteriaId: "80727B0B-AB5E-46CC-9DDF-F319C2D9B242", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.24:*:*:*:*:*:*:*", matchCriteriaId: "E0755962-2D5F-41E6-9BDB-C2ECBCCD2818", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.25:*:*:*:*:*:*:*", matchCriteriaId: "2EBAADB5-FA32-4CF9-A4B2-51EEA300B0EC", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.26:*:*:*:*:*:*:*", matchCriteriaId: "A202FDAD-D757-4850-9D1E-C31B0F3BA718", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.27:*:*:*:*:*:*:*", matchCriteriaId: "B6A345D7-DFC0-4E0D-AAAB-8206C35F63D4", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.28:*:*:*:*:*:*:*", matchCriteriaId: "C4069EF5-DC7D-4487-8636-AC2EAB17BAC8", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.29:*:*:*:*:*:*:*", matchCriteriaId: "73DF3A5C-F1D9-468E-BD08-5E2578898DEA", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.30:*:*:*:*:*:*:*", matchCriteriaId: "0858AE44-4B0A-4941-B4A8-937B557D1448", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.31:*:*:*:*:*:*:*", matchCriteriaId: "979C84FF-CB21-4819-B3CA-1A55FDF20BD4", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.32:*:*:*:*:*:*:*", matchCriteriaId: "94709B39-C394-4B44-A362-9429F4CB9D50", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.33:*:*:*:*:*:*:*", matchCriteriaId: "2E4526AC-6BCC-43A5-B501-263D0ED0655B", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.34:*:*:*:*:*:*:*", matchCriteriaId: "E04FF6B4-CD1C-4AC1-B286-D6AB705D680B", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.35:*:*:*:*:*:*:*", matchCriteriaId: "1FAFA0C8-1349-43A4-BDAC-3B5A601B9FDE", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.36:*:*:*:*:*:*:*", matchCriteriaId: "6BA130B1-DD20-4E98-963F-61E85A09E29E", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.37:*:*:*:*:*:*:*", matchCriteriaId: "9AAC9B73-5020-47C9-803E-ABB6162AADE0", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.38:*:*:*:*:*:*:*", matchCriteriaId: "D2A6B7B5-3AC9-4442-BD91-3783C2B4235C", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.39:*:*:*:*:*:*:*", matchCriteriaId: "D72F5C09-520B-486C-AD9A-9CBBFE6487CA", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.40:*:*:*:*:*:*:*", matchCriteriaId: "097DED37-D3F3-45C4-B131-1C4294406722", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.41:*:*:*:*:*:*:*", matchCriteriaId: "85A4F607-0A9D-4F84-B50D-28C54E6EDC06", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.42:*:*:*:*:*:*:*", matchCriteriaId: "8C689CAF-632A-4FF2-8C86-541EEDD574E8", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.43:*:*:*:*:*:*:*", matchCriteriaId: "7B0ACF5B-BBA9-4B6C-B19D-B8AEF7212781", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.44:*:*:*:*:*:*:*", matchCriteriaId: "E09C8254-73DC-4AFA-A250-A8192DC917F6", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.45:*:*:*:*:*:*:*", matchCriteriaId: "D344FA12-3C5F-418B-9209-EA8BDD230074", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.46:*:*:*:*:*:*:*", matchCriteriaId: "D1C3A62A-C6F6-4B2E-A254-CDA12BD34DBB", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.47:*:*:*:*:*:*:*", matchCriteriaId: "073A0AFF-C5C6-422E-BD63-2353AA4B58E1", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.48:*:*:*:*:*:*:*", matchCriteriaId: "59B5DA29-4139-405D-8AA8-23FAECBBC5CD", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.49:*:*:*:*:*:*:*", matchCriteriaId: "73F4D15D-6D2A-4730-B7CF-21284E92FEFF", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.50:*:*:*:*:*:*:*", matchCriteriaId: "79A0C6AB-813F-4417-A98E-33FBB7AAB939", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.51:*:*:*:*:*:*:*", matchCriteriaId: "815ABF0E-ED94-4426-8889-D3C2AECACC26", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.52:*:*:*:*:*:*:*", matchCriteriaId: "894612F1-8C51-4F66-AFE7-D8077F63E562", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.53:*:*:*:*:*:*:*", matchCriteriaId: "63FD3D1E-08F8-4C7F-876C-47E88386B83E", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.54:*:*:*:*:*:*:*", matchCriteriaId: "9C068E27-A3DD-4FD2-81FB-2CFEC3C047CD", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.55:*:*:*:*:*:*:*", matchCriteriaId: "E21A12E6-0802-4BDC-AF71-50D7D0433B87", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.56:*:*:*:*:*:*:*", matchCriteriaId: "DC7EE44A-7D8B-41A5-82A6-04AEE50278CE", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.57:*:*:*:*:*:*:*", matchCriteriaId: "6862529A-1AE5-4E2D-A4B0-E351D1900C64", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.58:*:*:*:*:*:*:*", matchCriteriaId: "4C6B6711-0F75-4FEA-8917-04391FC9D378", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.59:*:*:*:*:*:*:*", matchCriteriaId: "6AC0249C-3CFC-4CD3-9481-9F6BE1FC5E31", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.60:*:*:*:*:*:*:*", matchCriteriaId: "3BE639D9-0B1E-4DFB-B275-D11665FDA4AD", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.61:*:*:*:*:*:*:*", matchCriteriaId: "B35E9C41-0F2A-4790-B996-8EC00FA863F1", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.62:*:*:*:*:*:*:*", matchCriteriaId: "28BAB268-3A70-4422-9C6C-49E6453D750D", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.63:*:*:*:*:*:*:*", matchCriteriaId: "9A5960F1-DDA9-4885-952F-450EC00B5C9F", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.64:*:*:*:*:*:*:*", matchCriteriaId: "E725D449-BBC2-40E3-BF53-D9BF7B4F57D3", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.65:*:*:*:*:*:*:*", matchCriteriaId: "B10975CB-56EB-44D0-BDEF-60484B6BD85E", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.66:*:*:*:*:*:*:*", matchCriteriaId: "3EE56C0F-0AF4-45CF-ACA2-0E583BBB3187", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.67:*:*:*:*:*:*:*", matchCriteriaId: "16A4A1AC-ED08-4EFE-A826-1BB1B5CAB34E", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.68:*:*:*:*:*:*:*", matchCriteriaId: "BF9D7AD6-6BDB-4519-B9F8-3181E21850FC", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.69:*:*:*:*:*:*:*", matchCriteriaId: "B061FF9A-0D00-429D-9B2F-14EEA41E7A33", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.70:*:*:*:*:*:*:*", matchCriteriaId: "D6CB0260-2A96-41A8-81A0-8E9722B22D87", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.71:*:*:*:*:*:*:*", matchCriteriaId: "AE037065-9E33-4A5A-8188-1F086D7BE394", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.72:*:*:*:*:*:*:*", matchCriteriaId: "70200031-5902-416D-A140-DC2CDFDAF683", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.73:*:*:*:*:*:*:*", matchCriteriaId: "575C5F15-2C16-4B39-A718-1641DDD88F84", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.74:*:*:*:*:*:*:*", matchCriteriaId: "9E7BFD7E-9B3F-4D63-BEBC-16F22DA6F8E6", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.75:*:*:*:*:*:*:*", matchCriteriaId: "42631437-772B-45E0-A1F3-5D9E2FC77D19", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.76:*:*:*:*:*:*:*", matchCriteriaId: "CA9E62EF-E21F-421F-9A57-54A551CEC441", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.77:*:*:*:*:*:*:*", matchCriteriaId: "871E046E-013A-4E10-9457-4D1F407519EA", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.78:*:*:*:*:*:*:*", matchCriteriaId: "B5E4B06F-AD55-4D61-B966-B38B854C0A75", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.79:*:*:*:*:*:*:*", matchCriteriaId: "19817731-42C2-4745-88F2-D27258FC7DB1", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.80:*:*:*:*:*:*:*", matchCriteriaId: "77479EEE-F81B-4653-8FAD-0AFBA3C71B09", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.81:*:*:*:*:*:*:*", matchCriteriaId: "0208619E-9179-46D9-8E47-6CB5B4046DF9", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.82:*:*:*:*:*:*:*", matchCriteriaId: "6FBAE2A2-B7CB-45F6-A84C-5B9B742A0B56", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.83:*:*:*:*:*:*:*", matchCriteriaId: "5CC16904-03FC-42B2-89F0-CA0D59A5FB91", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.84:*:*:*:*:*:*:*", matchCriteriaId: "4E3980D1-54F1-4C2F-B140-B2F18D8958A3", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.85:*:*:*:*:*:*:*", matchCriteriaId: "0C845718-520A-42CB-9BA7-00723694A01F", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.86:*:*:*:*:*:*:*", matchCriteriaId: "FAB7BF51-DD1A-41E1-B5E5-02A6BADC30DE", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.87:*:*:*:*:*:*:*", matchCriteriaId: "431DA557-0977-43C2-8DEF-127B1BAA9F46", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.88:*:*:*:*:*:*:*", matchCriteriaId: "733C0A5D-3A0A-4449-9DE0-BD06D4942799", vulnerable: true, }, { criteria: "cpe:2.3:a:ntp:ntp:4.3.89:*:*:*:*:*:*:*", matchCriteriaId: "C9E5DAD5-465A-4A53-856A-1F674723EB00", vulnerable: true, }, ], negate: false, operator: "OR", }, ], }, ], cveTags: [], descriptions: [ { lang: "en", value: "NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.", }, { lang: "es", value: "NTP en versiones anteriores a 4.2.8p6 y 4.3.x en versiones anteriores a 4.3.90 permite a atacantes remotos eludir la validación de marca horaria de origen a través de un paquete con una marca horaria de origen puesta a cero.", }, ], id: "CVE-2015-8138", lastModified: "2025-04-20T01:37:25.860", metrics: { cvssMetricV2: [ { acInsufInfo: true, baseSeverity: "MEDIUM", cvssData: { accessComplexity: "LOW", accessVector: "NETWORK", authentication: "NONE", availabilityImpact: "NONE", baseScore: 5, confidentialityImpact: "NONE", integrityImpact: "PARTIAL", vectorString: "AV:N/AC:L/Au:N/C:N/I:P/A:N", version: "2.0", }, exploitabilityScore: 10, impactScore: 2.9, obtainAllPrivilege: false, obtainOtherPrivilege: false, obtainUserPrivilege: false, source: "nvd@nist.gov", type: "Primary", userInteractionRequired: false, }, ], cvssMetricV30: [ { cvssData: { attackComplexity: "LOW", attackVector: "NETWORK", availabilityImpact: "NONE", baseScore: 5.3, baseSeverity: "MEDIUM", confidentialityImpact: "NONE", integrityImpact: "LOW", privilegesRequired: "NONE", scope: "UNCHANGED", userInteraction: "NONE", vectorString: "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", version: "3.0", }, exploitabilityScore: 3.9, impactScore: 1.4, source: "nvd@nist.gov", type: "Primary", }, ], }, published: "2017-01-30T21:59:00.723", references: [ { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0063.html", }, { source: "cve@mitre.org", tags: [ "Vendor Advisory", ], url: "http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3629", }, { source: "cve@mitre.org", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/81811", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034782", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3096-1", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://bto.bluecoat.com/security-advisory/sa113", }, { source: "cve@mitre.org", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", }, { source: "cve@mitre.org", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", }, { source: "cve@mitre.org", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us", }, { source: "cve@mitre.org", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us", }, { source: "cve@mitre.org", url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201607-15", }, { source: "cve@mitre.org", url: "https://security.netapp.com/advisory/ntap-20171004-0002/", }, { source: "cve@mitre.org", url: "https://security.netapp.com/advisory/ntap-20171031-0001/", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd", }, { source: "cve@mitre.org", url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11", }, { source: "cve@mitre.org", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19", }, { source: "cve@mitre.org", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/718152", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://rhn.redhat.com/errata/RHSA-2016-0063.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Vendor Advisory", ], url: "http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.debian.org/security/2016/dsa-3629", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securityfocus.com/bid/81811", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "VDB Entry", ], url: "http://www.securitytracker.com/id/1034782", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "http://www.ubuntu.com/usn/USN-3096-1", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://bto.bluecoat.com/security-advisory/sa113", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://security.gentoo.org/glsa/201607-15", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20171004-0002/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://security.netapp.com/advisory/ntap-20171031-0001/", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", ], url: "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11", }, { source: "af854a3a-2127-422b-91ae-364da2661108", url: "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19", }, { source: "af854a3a-2127-422b-91ae-364da2661108", tags: [ "Third Party Advisory", "US Government Resource", ], url: "https://www.kb.cert.org/vuls/id/718152", }, ], sourceIdentifier: "cve@mitre.org", vulnStatus: "Deferred", weaknesses: [ { description: [ { lang: "en", value: "CWE-20", }, ], source: "nvd@nist.gov", type: "Primary", }, ], }
Log in or create an account to share your comment.
Security Advisory comment format.
This schema specifies the format of a comment related to a security advisory.
Title of the comment
Description of the comment
Loading…
Loading…
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.