Vulnerability CVE-2018-7185


Published: 2018-03-06

Description:
The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association.

Type:

CWE-20

(Improper Input Validation)

Vendor: Synology
Product: Diskstation manager 
Version:
6.1
6.0
5.2
Product: Router manager 
Version: 1.1;
Product: Virtual diskstation manager 
Product: Vs960hd firmware 
Product: Skynas 
Vendor: NTP
Product: NTP 
Version:
4.2.8
4.2.7p444
4.2.7
4.2.6
Vendor: Canonical
Product: Ubuntu linux 
Version:
18.04
17.10
16.04
14.04
12.04
Vendor: Slackware
Product: Slackware linux 
Version:
14.2
14.1
14.0
Vendor: Netapp
Product: Element software 

CVSS2 => (AV:N/AC:L/Au:N/C:N/I:N/A:P)

CVSS Base Score
Impact Subscore
Exploitability Subscore
5/10
2.9/10
10/10
Exploit range
Attack complexity
Authentication
Remote
Low
No required
Confidentiality impact
Integrity impact
Availability impact
None
None
Partial

 References:
http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html
http://support.ntp.org/bin/view/Main/NtpBug3454
http://www.securityfocus.com/archive/1/541824/100/0/threaded
http://www.securityfocus.com/bid/103339
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc
https://security.gentoo.org/glsa/201805-12
https://security.netapp.com/advisory/ntap-20180626-0001/
https://usn.ubuntu.com/3707-1/
https://usn.ubuntu.com/3707-2/
https://www.synology.com/support/security/Synology_SA_18_13

Related CVE
CVE-2019-5498
OnCommand Insight versions through 7.3.6 may disclose sensitive account information to an authenticated user.
CVE-2019-5502
SMB in Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 has weak cryptography which when exploited could lead to information disclosure or addition or modification of data.
CVE-2019-5501
Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 may disclose sensitive LDAP account information to unauthenticated remote attackers.
CVE-2019-5493
Data ONTAP operating in 7-Mode versions prior to 8.2.5P3 are susceptible to a vulnerability which discloses information to an unauthenticated attacker. A successful attack requires that multiple non-default options be enabled.
CVE-2019-5497
NetApp AFF A700s Baseboard Management Controller (BMC) firmware versions 1.22 and higher were shipped with a default account enabled that could allow unauthorized arbitrary command execution.
CVE-2019-8936
NTP through 4.2.8p12 has a NULL Pointer Dereference.
CVE-2019-5492
Element Plug-in for vCenter Server versions prior to 4.2.3 may disclose sensitive account information to an unauthenticated attacker. NetApp HCI Compute Node versions prior to 1.4P2 bundle affected versions of Element Plug-in for vCenter Server.
CVE-2019-11035
When processing certain files, PHP EXIF extension in versions 7.1.x below 7.1.28, 7.2.x below 7.2.17 and 7.3.x below 7.3.4 can be caused to read past allocated buffer in exif_iif_add_value function. This may lead to information disclosure or crash.

Copyright 2019, cxsecurity.com

 

Back to Top