CVE编号
CVE-2019-8936利用情况
暂无补丁情况
官方补丁披露时间
2019-05-16漏洞描述
**保留**此候选人已被一个组织或个人保留,在宣布新的安全问题时将使用该候选人。候选人被公布后,将提供该候选人的详细信息。解决建议
建议您更新当前系统或软件至最新版,完成漏洞的修复。
参考链接 |
|
|---|---|
| http://bugs.ntp.org/show_bug.cgi?id=3565 | |
| http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00032.html | |
| http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00036.html | |
| http://packetstormsecurity.com/files/152915/FreeBSD-Security-Advisory-FreeBSD... | |
| http://support.ntp.org/bin/view/Main/SecurityNotice | |
| https://lists.fedoraproject.org/archives/list/[email protected]... | |
| https://lists.fedoraproject.org/archives/list/[email protected]... | |
| https://lists.fedoraproject.org/archives/list/[email protected]... | |
| https://seclists.org/bugtraq/2019/May/39 | |
| https://security.FreeBSD.org/advisories/FreeBSD-SA-19:04.ntp.asc | |
| https://security.gentoo.org/glsa/201903-15 | |
| https://security.netapp.com/advisory/ntap-20190503-0001/ | |
| https://support.f5.com/csp/article/K61363039 | |
| https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-... | |
| https://usn.ubuntu.com/4563-1/ |
受影响软件情况
| # | 类型 | 厂商 | 产品 | 版本 | 影响面 | ||||
| 1 | |||||||||
|---|---|---|---|---|---|---|---|---|---|
| 运行在以下环境 | |||||||||
| 应用 | hpe | hpux-ntp | * |
Up to (excluding) c.4.2.8.4.0 |
|||||
| 运行在以下环境 | |||||||||
| 应用 | ntp | ntp | * |
Up to (excluding) 4.2.8 |
|||||
| 运行在以下环境 | |||||||||
| 应用 | ntp | ntp | 4.2.8 | - | |||||
| 运行在以下环境 | |||||||||
| 系统 | amazon_AMI | ntp | * |
Up to (excluding) 4.2.8p12-1.41.amzn1 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | fedora_28 | ntp | * |
Up to (excluding) 4.2.8p13-1.fc28 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | fedora_29 | ntp | * |
Up to (excluding) 4.2.8p13-1.fc29 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | fedora_30 | ntp | * |
Up to (excluding) 4.2.8p13-1.fc30 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | opensuse_Leap_15.0 | ntp | * |
Up to (excluding) 4.2.8p13-lp150.8.1 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | opensuse_Leap_42.3 | ntp | * |
Up to (excluding) 4.2.8p13-31.9.1 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | suse_11_SP4 | ntp | * |
Up to (excluding) 4.2.8p13-64.13.1 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | suse_12_SP3 | ntp | * |
Up to (excluding) 4.2.8p13-85.1 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | suse_12_SP4 | ntp | * |
Up to (excluding) 4.2.8p13-85.1 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | ubuntu_18.04 | ntp | * |
Up to (excluding) 1:4.2.8p10+dfsg-5ubuntu7.3 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | ubuntu_20.04 | ntp | * |
Up to (excluding) 1:4.2.8p12+dfsg-3ubuntu4.20.04.1 |
|||||
| 运行在以下环境 | |||||||||
| 系统 | ubuntu_21.04 | ntp | * |
Up to (excluding) 1:4.2.8p12+dfsg-3ubuntu4.1 |
|||||
- 攻击路径 远程
- 攻击复杂度 复杂
- 权限要求 无需权限
- 影响范围 有限影响
- EXP成熟度 未验证
- 补丁情况 官方补丁
- 数据保密性 无影响
- 数据完整性 无影响
- 服务器危害 无影响
- 全网数量 100
还没有评论,来说两句吧...