vulnerability
FreeBSD: ntp -- multiple vulnerabilities (FreeBSD-SA-16:09.ntp) (Multiple CVEs)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 6 | (AV:N/AC:M/Au:N/C:N/I:P/A:P) | Jan 20, 2016 | Jan 25, 2016 | Jul 28, 2025 |
Severity
6
CVSS
(AV:N/AC:M/Au:N/C:N/I:P/A:P)
Published
Jan 20, 2016
Added
Jan 25, 2016
Modified
Jul 28, 2025
Description
NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."
Solutions
freebsd-upgrade-base-10_1-release-p28freebsd-upgrade-base-10_2-release-p11freebsd-upgrade-base-9_3-release-p35freebsd-upgrade-package-ntpfreebsd-upgrade-package-ntp-devel
References
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.