CVE-2016-1549

MEDIUM6.5EPSS 0.97%

發布日:2017/1/6修改日:2026/4/28

也稱為:DEBIAN-CVE-2016-1549

描述

A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock.

受影響套件(1)

Debian/ntpfrom 0, < 1:4.2.8p7+dfsg-1

CVSS 分數

來源	版本	嚴重程度	向量
osv	CVSS 3.1	MEDIUM6.5	CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2016-1549