Vulnerability Details CVE-2018-7185
The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.156
EPSS Ranking 94.3%
CVSS Severity
CVSS v3 Score 7.5
CVSS v2 Score 5.0
References
- http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html
- http://support.ntp.org/bin/view/Main/NtpBug3454
- http://www.securityfocus.com/archive/1/541824/100/0/threaded
- http://www.securityfocus.com/bid/103339
- https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc
- https://security.gentoo.org/glsa/201805-12
- https://security.netapp.com/advisory/ntap-20180626-0001/
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us
- https://usn.ubuntu.com/3707-1/
- https://usn.ubuntu.com/3707-2/
- https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
- https://www.synology.com/support/security/Synology_SA_18_13
- http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html
- http://support.ntp.org/bin/view/Main/NtpBug3454
- http://www.securityfocus.com/archive/1/541824/100/0/threaded
- http://www.securityfocus.com/bid/103339
- https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc
- https://security.gentoo.org/glsa/201805-12
- https://security.netapp.com/advisory/ntap-20180626-0001/
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us
- https://usn.ubuntu.com/3707-1/
- https://usn.ubuntu.com/3707-2/
- https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
- https://www.synology.com/support/security/Synology_SA_18_13
Products affected by CVE-2018-7185
-
cpe:2.3:a:hpe:hpux-ntp:-
-
cpe:2.3:a:hpe:hpux-ntp:b.11.31
-
cpe:2.3:a:hpe:hpux-ntp:c.4.2.8.0.0
-
cpe:2.3:a:hpe:hpux-ntp:c.4.2.8.1.0
-
cpe:2.3:a:hpe:hpux-ntp:c.4.2.8.2.0
-
cpe:2.3:a:hpe:hpux-ntp:c.4.2.8.3.0
-
cpe:2.3:a:netapp:hci:-
-
cpe:2.3:a:netapp:solidfire:-
-
cpe:2.3:a:ntp:ntp:4.2.6
-
cpe:2.3:a:ntp:ntp:4.2.7
-
cpe:2.3:a:ntp:ntp:4.2.7p444
-
cpe:2.3:a:ntp:ntp:4.2.8
-
cpe:2.3:a:synology:router_manager:1.1
-
cpe:2.3:a:synology:router_manager:1.1-6338
-
cpe:2.3:a:synology:router_manager:1.1-6338-1
-
cpe:2.3:a:synology:router_manager:1.1-6338-2
-
cpe:2.3:a:synology:router_manager:1.1.1-6414
-
cpe:2.3:a:synology:router_manager:1.1.1-6414-1
-
cpe:2.3:a:synology:router_manager:1.1.2-6425
-
cpe:2.3:a:synology:router_manager:1.1.2-6425-1
-
cpe:2.3:a:synology:router_manager:1.1.2-6425-2
-
cpe:2.3:a:synology:router_manager:1.1.2-6425-3
-
cpe:2.3:a:synology:router_manager:1.1.3-6447
-
cpe:2.3:a:synology:router_manager:1.1.3-6447-1
-
cpe:2.3:a:synology:router_manager:1.1.3-6447-2
-
cpe:2.3:a:synology:router_manager:1.1.3-6447-3
-
cpe:2.3:a:synology:router_manager:1.1.3-6447-4
-
cpe:2.3:a:synology:router_manager:1.1.4-6509
-
cpe:2.3:a:synology:router_manager:1.1.4-6509-1
-
cpe:2.3:a:synology:router_manager:1.1.4-6509-2
-
cpe:2.3:a:synology:router_manager:1.1.4-6509-3
-
cpe:2.3:a:synology:router_manager:1.1.4-6509-4
-
cpe:2.3:a:synology:router_manager:1.1.5-6542
-
cpe:2.3:a:synology:router_manager:1.1.5-6542-1
-
cpe:2.3:a:synology:router_manager:1.1.5-6542-2
-
cpe:2.3:a:synology:router_manager:1.1.5-6542-3
-
cpe:2.3:a:synology:router_manager:1.1.5-6542-4
-
cpe:2.3:a:synology:router_manager:1.1.6-6931
-
cpe:2.3:a:synology:router_manager:1.1.6-6931-1
-
cpe:2.3:a:synology:router_manager:1.1.6-6931-2
-
cpe:2.3:a:synology:skynas:-
-
cpe:2.3:a:synology:virtual_diskstation_manager:-
-
cpe:2.3:h:oracle:fujitsu_m10-1:-
-
cpe:2.3:h:oracle:fujitsu_m10-4:-
-
cpe:2.3:h:oracle:fujitsu_m10-4s:-
-
cpe:2.3:h:oracle:fujitsu_m12-1:-
-
cpe:2.3:h:oracle:fujitsu_m12-2:-
-
cpe:2.3:h:oracle:fujitsu_m12-2s:-
-
cpe:2.3:h:synology:vs960hd:-
-
cpe:2.3:o:canonical:ubuntu_linux:12.04
-
cpe:2.3:o:canonical:ubuntu_linux:14.04
-
cpe:2.3:o:canonical:ubuntu_linux:16.04
-
cpe:2.3:o:canonical:ubuntu_linux:17.10
-
cpe:2.3:o:canonical:ubuntu_linux:18.04
-
cpe:2.3:o:oracle:fujitsu_m10-1_firmware:-
-
cpe:2.3:o:oracle:fujitsu_m10-1_firmware:xcp2361
-
cpe:2.3:o:oracle:fujitsu_m10-4_firmware:-
-
cpe:2.3:o:oracle:fujitsu_m10-4_firmware:xcp2361
-
cpe:2.3:o:oracle:fujitsu_m10-4s_firmware:-
-
cpe:2.3:o:oracle:fujitsu_m10-4s_firmware:xcp2361
-
cpe:2.3:o:oracle:fujitsu_m12-1_firmware:-
-
cpe:2.3:o:oracle:fujitsu_m12-1_firmware:xcp2361
-
cpe:2.3:o:oracle:fujitsu_m12-2_firmware:-
-
cpe:2.3:o:oracle:fujitsu_m12-2_firmware:xcp2361
-
cpe:2.3:o:oracle:fujitsu_m12-2s_firmware:-
-
cpe:2.3:o:oracle:fujitsu_m12-2s_firmware:xcp2361
-
cpe:2.3:o:synology:diskstation_manager:5.2
-
cpe:2.3:o:synology:diskstation_manager:5.2-5565
-
cpe:2.3:o:synology:diskstation_manager:5.2-5565-1
-
cpe:2.3:o:synology:diskstation_manager:5.2-5565-2
-
cpe:2.3:o:synology:diskstation_manager:5.2-5592
-
cpe:2.3:o:synology:diskstation_manager:5.2-5592-1
-
cpe:2.3:o:synology:diskstation_manager:5.2-5592-2
-
cpe:2.3:o:synology:diskstation_manager:5.2-5592-3
-
cpe:2.3:o:synology:diskstation_manager:5.2-5592-4
-
cpe:2.3:o:synology:diskstation_manager:5.2-5620
-
cpe:2.3:o:synology:diskstation_manager:5.2-5644
-
cpe:2.3:o:synology:diskstation_manager:5.2-5644-1
-
cpe:2.3:o:synology:diskstation_manager:5.2-5644-2
-
cpe:2.3:o:synology:diskstation_manager:5.2-5644-3
-
cpe:2.3:o:synology:diskstation_manager:5.2-5644-5
-
cpe:2.3:o:synology:diskstation_manager:5.2-5644-8
-
cpe:2.3:o:synology:diskstation_manager:5.2-5967
-
cpe:2.3:o:synology:diskstation_manager:5.2-5967-1
-
cpe:2.3:o:synology:diskstation_manager:5.2-5967-2
-
cpe:2.3:o:synology:diskstation_manager:5.2-5967-3
-
cpe:2.3:o:synology:diskstation_manager:5.2-5967-4
-
cpe:2.3:o:synology:diskstation_manager:5.2-5967-5
-
cpe:2.3:o:synology:diskstation_manager:5.2-5967-6
-
cpe:2.3:o:synology:diskstation_manager:5.2-5967-7
-
cpe:2.3:o:synology:diskstation_manager:5.2-5967-8
-
cpe:2.3:o:synology:diskstation_manager:5.2-5967-9
-
cpe:2.3:o:synology:diskstation_manager:6.0
-
cpe:2.3:o:synology:diskstation_manager:6.0-7321
-
cpe:2.3:o:synology:diskstation_manager:6.0-7321-1
-
cpe:2.3:o:synology:diskstation_manager:6.0-7321-2
-
cpe:2.3:o:synology:diskstation_manager:6.0-7321-3
-
cpe:2.3:o:synology:diskstation_manager:6.0-7321-5
-
cpe:2.3:o:synology:diskstation_manager:6.0-7321-6
-
cpe:2.3:o:synology:diskstation_manager:6.0.1-7393
-
cpe:2.3:o:synology:diskstation_manager:6.0.1-7393-1
-
cpe:2.3:o:synology:diskstation_manager:6.0.1-7393-2
-
cpe:2.3:o:synology:diskstation_manager:6.0.2-8451
-
cpe:2.3:o:synology:diskstation_manager:6.0.2-8451-1
-
cpe:2.3:o:synology:diskstation_manager:6.0.2-8451-10
-
cpe:2.3:o:synology:diskstation_manager:6.0.2-8451-2
-
cpe:2.3:o:synology:diskstation_manager:6.0.2-8451-3
-
cpe:2.3:o:synology:diskstation_manager:6.0.2-8451-4
-
cpe:2.3:o:synology:diskstation_manager:6.0.2-8451-5
-
cpe:2.3:o:synology:diskstation_manager:6.0.2-8451-6
-
cpe:2.3:o:synology:diskstation_manager:6.0.2-8451-7
-
cpe:2.3:o:synology:diskstation_manager:6.0.2-8451-8
-
cpe:2.3:o:synology:diskstation_manager:6.0.2-8451-9
-
cpe:2.3:o:synology:diskstation_manager:6.0.3-8754
-
cpe:2.3:o:synology:diskstation_manager:6.0.3-8754-1
-
cpe:2.3:o:synology:diskstation_manager:6.0.3-8754-3
-
cpe:2.3:o:synology:diskstation_manager:6.0.3-8754-4
-
cpe:2.3:o:synology:diskstation_manager:6.0.3-8754-8
-
cpe:2.3:o:synology:diskstation_manager:6.1
-
cpe:2.3:o:synology:diskstation_manager:6.1-15047
-
cpe:2.3:o:synology:diskstation_manager:6.1-15047-1
-
cpe:2.3:o:synology:diskstation_manager:6.1-15047-2
-
cpe:2.3:o:synology:diskstation_manager:6.1.1
-
cpe:2.3:o:synology:diskstation_manager:6.1.1-15101
-
cpe:2.3:o:synology:diskstation_manager:6.1.1-15101-1
-
cpe:2.3:o:synology:diskstation_manager:6.1.1-15101-2
-
cpe:2.3:o:synology:diskstation_manager:6.1.1-15101-3
-
cpe:2.3:o:synology:diskstation_manager:6.1.1-15101-4
-
cpe:2.3:o:synology:diskstation_manager:6.1.2-15132
-
cpe:2.3:o:synology:diskstation_manager:6.1.2-15132-1
-
cpe:2.3:o:synology:diskstation_manager:6.1.3-15152
-
cpe:2.3:o:synology:diskstation_manager:6.1.3-15152-1
-
cpe:2.3:o:synology:diskstation_manager:6.1.3-15152-3
-
cpe:2.3:o:synology:diskstation_manager:6.1.3-15152-4
-
cpe:2.3:o:synology:diskstation_manager:6.1.3-15152-5
-
cpe:2.3:o:synology:diskstation_manager:6.1.3-15152-6
-
cpe:2.3:o:synology:diskstation_manager:6.1.3-15152-7
-
cpe:2.3:o:synology:diskstation_manager:6.1.3-15152-8
-
cpe:2.3:o:synology:diskstation_manager:6.1.4-15217
-
cpe:2.3:o:synology:diskstation_manager:6.1.4-15217-1
-
cpe:2.3:o:synology:diskstation_manager:6.1.4-15217-2
-
cpe:2.3:o:synology:diskstation_manager:6.1.4-15217-3
-
cpe:2.3:o:synology:diskstation_manager:6.1.4-15217-4
-
cpe:2.3:o:synology:diskstation_manager:6.1.4-15217-5
-
cpe:2.3:o:synology:vs960hd_firmware:-