CVE-2016-9042 in ntpinfo

Summary

An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.

If you want to get best quality of vulnerability data, you may have to visit VulDB.

Responsible

Talos

Reservation

10/26/2016

Disclosure

06/04/2018

Moderation

VulDB entry created

Entries

VDB-98552 (1)

CPE

ready

CWE

CWE-20 (Confirmed)

CVSS

5.0

EPSS

0.04844

Activities

Very Low

Sources

MITRE	https://www.cve.org/CVERecord?id=CVE-2016-9042
NVD	https://nvd.nist.gov/vuln/detail/CVE-2016-9042
CVE Details	https://www.cvedetails.com/cve/CVE-2016-9042/

◂ Previous Overview Next ▸

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!