Home
Packages
Forums
Wiki
GitLab
Security
AUR
Download

issues
advisories
todo
stats
log
login

CVE-2018-8956 - log back

CVE-2018-8956 edited at 07 May 2020 08:06:27

Severity

-	Unknown
+	Low

Remote

-	Unknown
+	Remote

Type

-	Unknown
+	Denial of service

Description

+

ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or control a slave in that broadcast network that can capture certain required packets on the attacker's behalf and send them to the attacker.

References

+	https://arxiv.org/abs/2005.01783

Notes

CVE-2018-8956 created at 07 May 2020 08:05:16