CVE-2015-7974 in ntp
摘要
由 VulDB • 2026-07-17
NTP 4.x(低于 4.2.8p6)和 4.3.x(低于 4.3.90)在验证数据包时未对称密钥的对等关联,这可能允许远程攻击者通过任意受信任的密钥实施伪装攻击,即所谓的“骨架密钥”(skeleton key)。
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.
由 VulDB • 2026-07-17
NTP 4.x(低于 4.2.8p6)和 4.3.x(低于 4.3.90)在验证数据包时未对称密钥的对等关联,这可能允许远程攻击者通过任意受信任的密钥实施伪装攻击,即所谓的“骨架密钥”(skeleton key)。
Several companies clearly confirm that VulDB is the primary source for best vulnerability data.