Published: 13/01/2017 Updated: 21/11/2024

The read_mru_list function in NTP prior to 4.2.8p9 allows remote malicious users to cause a denial of service (crash) via a crafted mrulist query.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ntp ntp
ntp ntp 4.2.7
ntp ntp 4.2.8
hpe hpux-ntp

Several security issues were fixed in NTP ...

The read_mru_list function in NTP before 428p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query ...

If ntpd is configured to allow mrulist query requests from a server that sends a crafted malicious packet, ntpd will crash on receipt of that crafted malicious mrulist query packet ...

ntpd versions 427p22 up to but not including 428p9 and 430 up to, but not including 4394 suffer from a remote denial of service vulnerability The vulnerability allow unauthenticated users to crash ntpd with a single malformed UDP packet, which cause a null pointer dereference ...

#!/usr/bin/env python # Exploit Title: ntpd remote pre-auth Denial of Service # Date: 2016-11-21 # Exploit Author: Magnus Klaaborg Stubman (@magnusstubman) # Website: dumpcore/cve-2016-7434/ # Vendor Homepage: wwwntporg/ # Software Link: wwweecisudeledu/~ntp/ntp_spool/ntp4/ntp-42/ntp-428p8targz # Version: ntp-427 ...

NTPD remote DOS exploit and vulnerable container

CVE-2016-7434 ntpd DOS exploit Ntpd suffer from a null pointer reference which is possible to trigger to crash the application According to NTPorg, "If ntpd is configured to allow mrulist query requests from a server that sends a crafted malicious packet, ntpd will crash on receipt of that crafted malicious mrulist query packet" The ntpd program is an operating-sy

cve-2016-7434

CVE-2016-7434 This is part of Cved: a tool to manage vulnerable docker containers Cved: githubcom/git-rep-src/cved Image source: githubcom/cved-sources/cve-2016-7434 Image author: githubcom/opsxcq/exploit-CVE-2016-7434

CVE-2016-7434 CVE-2016-7434 ntpd remote pre-auth Denial of Service PoC's/info Sources: dumpcore/cve-2016-7434/ wwwexploit-dbcom/exploits/40806/ root@nop:~/code/CVE-2016-7434# echo -e "\x16\x0a\x00\x10\x00\x00\x00\x00\x00\x00\x00\x36\x6e\x6f\x6e\x63\x65\x2c\x20\x6c\x61\x64\x64\x72\x3d\x5b\x5d\x3a\x48\x72\x61\x67\x73\x3d\x33\x32\x2c\x20\x6c\x61\x64\x

CWE-20 https://usn.ubuntu.com/3349-1/https://nvd.nist.gov https://www.exploit-db.com/exploits/40806/https://www.first.org/epss https://www.kb.cert.org/vuls/id/633847 http://nwtime.org/ntp428p9_release/http://support.ntp.org/bin/view/Main/NtpBug3082 http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities http://www.securityfocus.com/bid/94448 http://www.securitytracker.com/id/1037354 https://bto.bluecoat.com/security-advisory/sa139 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03706en_us https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc https://www.exploit-db.com/exploits/40806/https://www.kb.cert.org/vuls/id/633847 http://nwtime.org/ntp428p9_release/http://support.ntp.org/bin/view/Main/NtpBug3082 http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities http://www.securityfocus.com/bid/94448 http://www.securitytracker.com/id/1037354 https://bto.bluecoat.com/security-advisory/sa139 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03706en_us https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc https://www.exploit-db.com/exploits/40806/https://www.kb.cert.org/vuls/id/633847

CVE-2016-7434

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect