Back to search
CVE-2018-8956
Published: May 6, 2020
Modified: Aug 5, 2024
PUBLISHED
Description
ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or control a slave in that broadcast network that can capture certain required packets on the attacker's behalf and send them to the attacker.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
http://www.ntp.org/
x_refsource_MISC
https://tools.ietf.org/html/rfc5905
x_refsource_MISC
https://nikhiltripathi.in/NTP_attack.pdf
x_refsource_MISC
https://arxiv.org/abs/2005.01783
x_refsource_MISC
https://security.netapp.com/advisory/ntap-20200518-0006/
x_refsource_CONFIRM
openSUSE-SU-2020:0934
vendor-advisory
x_refsource_SUSE
openSUSE-SU-2020:1007
vendor-advisory
x_refsource_SUSE
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now