5.3
CVSSv3

CVE-2016-2517

CVSSv4: NA | CVSSv3: 5.3 | CVSSv2: 4.9 | VMScore: 630 | EPSS: 0.01002 | KEV: Not Included
Published: 30/01/2017 Updated: 21/11/2024

Vulnerability Summary

NTP prior to 4.2.8p7 and 4.3.x prior to 4.3.92 allows remote malicious users to cause a denial of service (prevent subsequent authentication) by leveraging knowledge of the controlkey or requestkey and sending a crafted packet to ntpd, which changes the value of trustedkey, controlkey, or requestkey. NOTE: this vulnerability exists because of a CVE-2016-2516 regression.

Vulnerable Product Search on Vulmon Subscribe to Product

ntp ntp

ntp ntp 4.3.0

ntp ntp 4.3.1

ntp ntp 4.3.2

ntp ntp 4.3.3

ntp ntp 4.3.4

ntp ntp 4.3.5

ntp ntp 4.3.6

ntp ntp 4.3.7

ntp ntp 4.3.8

ntp ntp 4.3.9

ntp ntp 4.3.10

ntp ntp 4.3.11

ntp ntp 4.3.12

ntp ntp 4.3.13

ntp ntp 4.3.14

ntp ntp 4.3.15

ntp ntp 4.3.16

ntp ntp 4.3.17

ntp ntp 4.3.18

ntp ntp 4.3.19

ntp ntp 4.3.20

ntp ntp 4.3.21

ntp ntp 4.3.22

ntp ntp 4.3.23

ntp ntp 4.3.24

ntp ntp 4.3.25

ntp ntp 4.3.26

ntp ntp 4.3.27

ntp ntp 4.3.28

ntp ntp 4.3.29

ntp ntp 4.3.30

ntp ntp 4.3.31

ntp ntp 4.3.32

ntp ntp 4.3.33

ntp ntp 4.3.34

ntp ntp 4.3.35

ntp ntp 4.3.36

ntp ntp 4.3.37

ntp ntp 4.3.38

ntp ntp 4.3.39

ntp ntp 4.3.40

ntp ntp 4.3.41

ntp ntp 4.3.42

ntp ntp 4.3.43

ntp ntp 4.3.44

ntp ntp 4.3.45

ntp ntp 4.3.46

ntp ntp 4.3.47

ntp ntp 4.3.48

ntp ntp 4.3.49

ntp ntp 4.3.50

ntp ntp 4.3.51

ntp ntp 4.3.52

ntp ntp 4.3.53

ntp ntp 4.3.54

ntp ntp 4.3.55

ntp ntp 4.3.56

ntp ntp 4.3.57

ntp ntp 4.3.58

ntp ntp 4.3.59

ntp ntp 4.3.60

ntp ntp 4.3.61

ntp ntp 4.3.62

ntp ntp 4.3.63

ntp ntp 4.3.64

ntp ntp 4.3.65

ntp ntp 4.3.66

ntp ntp 4.3.67

ntp ntp 4.3.68

ntp ntp 4.3.69

ntp ntp 4.3.70

ntp ntp 4.3.71

ntp ntp 4.3.72

ntp ntp 4.3.73

ntp ntp 4.3.74

ntp ntp 4.3.75

ntp ntp 4.3.76

ntp ntp 4.3.77

ntp ntp 4.3.78

ntp ntp 4.3.79

ntp ntp 4.3.80

ntp ntp 4.3.81

ntp ntp 4.3.82

ntp ntp 4.3.83

ntp ntp 4.3.84

ntp ntp 4.3.85

ntp ntp 4.3.86

ntp ntp 4.3.87

ntp ntp 4.3.88

ntp ntp 4.3.89

ntp ntp 4.3.90

ntp ntp 4.3.91

Vendor Advisories

NTP before 428p7 and 43x before 4392 allows remote attackers to cause a denial of service (prevent subsequent authentication) by leveraging knowledge of the controlkey or requestkey and sending a crafted packet to ntpd, which changes the value of trustedkey, controlkey, or requestkey NOTE: this vulnerability exists because of a CVE-2016-251 ...