Openntpd: >> Openntpd Security Vulnerabilities
OpenNTPD before 6.0p1 does not validate the CN for HTTPS constraint requests, which allows remote attackers to bypass the man-in-the-middle mitigations via a crafted timestamp constraint with a valid certificate.
CVSS Score
5.9
EPSS Score
0.003
Published
2017-01-31