- Home
- CVEs with nessus.description==The+version+of+the+remote+NTP+server+is+4.x+prior+to+4.2.8p9.+It+is%2C+therefore%2C+affected+by+the+following+vulnerabilities+%3A%0A%0A++-+A+denial+of+service+vulnerability+exists+when+rate+++++limiting+is+configured+for+all+associations%2C+the+limits+++++also+being+applied+to+responses+received+from+the+++++configured+sources.+An+unauthenticated%2C+remote+attacker+++++can+exploit+this%2C+by+periodically+sending+spoofed+++++packets%2C+to+keep+rate+limiting+active%2C+resulting+in+++++valid+responses+not+being+accepted+by+ntpd+from+its+++++sources.+%28CVE-2016-7426%29%0A%0A++-+A+denial+of+service+vulnerability+exists+in+the+++++broadcast+mode+replay+prevention+functionality.+An+++++unauthenticated%2C+adjacent+attacker+can+exploit+this%2C+via+++++specially+crafted+broadcast+mode+NTP+packets+++++periodically+injected+into+the+broadcast+domain%2C+to+++++cause+ntpd+to+reject+broadcast+mode+packets+from+++++legitimate+NTP+broadcast+servers.+%28CVE-2016-7427%29%0A%0A++-+A+denial+of+service+vulnerability+exists+in+the+++++broadcast+mode+poll+interval+functionality.+An+++++unauthenticated%2C+adjacent+attacker+can+exploit+this%2C+via+++++specially+crafted+broadcast+mode+NTP+packets%2C+to+cause+++++ntpd+to+reject+packets+from+a+legitimate+NTP+broadcast+++++server.+%28CVE-2016-7428%29%0A%0A++-+A+denial+of+service+vulnerability+exists+when+receiving+++++server+responses+on+sockets+that+correspond+to+different+++++interfaces+than+what+were+used+in+the+request.+An+++++unauthenticated%2C+remote+attacker+can+exploit+this%2C+by+++++sending+repeated+requests+using+specially+crafted+++++packets+with+spoofed+source+addresses%2C+to+cause+ntpd+++++to+select+the+incorrect+interface+for+the+source%2C+which+++++prevents+it+from+sending+new+requests+until+the+++++interface+list+is+refreshed.+This+eventually+results+in+++++preventing+ntpd+from+synchronizing+with+the+source.%0A++++%28CVE-2016-7429%29%0A%0A++-+A+flaw+exists+that+allows+packets+with+an+origin+++++timestamp+of+zero+to+bypass+security+checks.+An+++++unauthenticated%2C+remote+attacker+can+exploit+this+to+++++spoof+arbitrary+content.+%28CVE-2016-7431%29%0A%0A++-+A+flaw+exists+due+to+the+root+delay+being+included+++++twice%2C+which+may+result+in+the+jitter+value+being+higher+++++than+expected.+An+unauthenticated%2C+remote+attacker+can+++++exploit+this+to+cause+a+denial+of+service+condition.%0A++++%28CVE-2016-7433%29%0A%0A++-+A+denial+of+service+vulnerability+exists+when+handling+++++specially+crafted+mrulist+query+packets+that+allows+an+++++unauthenticated%2C+remote+attacker+to+crash+ntpd.%0A++++%28CVE-2016-7434%29%0A%0A++-+A+flaw+exists+in+the+control+mode+%28mode+6%29+functionality+++++when+handling+specially+crafted+control+mode+packets.+An+++++unauthenticated%2C+adjacent+attacker+can+exploit+this+to+++++set+or+disable+ntpd+traps%2C+resulting+in+the+disclosure+++++of+potentially+sensitive+information%2C+disabling+of+++++legitimate+monitoring%2C+or+DDoS+amplification.%0A++++%28CVE-2016-9310%29%0A%0A++-+A+NULL+pointer+dereference+flaw+exists+in+the+++++report_event%28%29+function+within+file+ntpd%2Fntp_control.c+++++when+the+trap+service+handles+certain+peer+events.+An+++++unauthenticated%2C+remote+attacker+can+exploit+this%2C+via+++++a+specially+crafted+packet%2C+to+cause+a+denial+of+service+++++condition.+%28CVE-2016-9311%29%0A%0A++-+A+denial+of+service+vulnerability+exists+when+handling+++++oversize+UDP+packets+that+allows+an+unauthenticated%2C+++++remote+attacker+to+crash+ntpd.+Note+that+this+++++vulnerability+only+affects+Windows+versions.%0A++++%28CVE-2016-9312%29
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top