Published: 05/07/2016 Updated: 18/06/2020

CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10

CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9

VMScore: 445

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

ntpd in NTP prior to 4.2.8p8 allows remote malicious users to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ntp ntp 4.2.8
ntp ntp 4.3.92
oracle solaris 10
oracle solaris 11.3
suse manager proxy 2.1
suse openstack cloud 5
novell suse manager 2.1
opensuse leap 42.1
opensuse opensuse 13.2
suse linux enterprise desktop 12
suse linux enterprise server 11
suse linux enterprise server 12

ntpd in NTP before 428p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547 ...

CWE-476 http://bugs.ntp.org/3046 http://www.kb.cert.org/vuls/id/321640 http://support.ntp.org/bin/view/Main/NtpBug3046 http://support.ntp.org/bin/view/Main/SecurityNotice http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00023.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00018.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00024.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00028.html http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00040.html http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html https://security.gentoo.org/glsa/201607-15 http://www.securitytracker.com/id/1036037 https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.asc https://nvd.nist.gov https://access.redhat.com/security/cve/cve-2016-4957 https://www.kb.cert.org/vuls/id/321640

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2016-4957

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect