CVE-2016-4956

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.

References

http://support.ntp.org/bin/view/Main/NtpBug3042

http://www.kb.cert.org/vuls/id/321640

http://bugs.ntp.org/3042

http://support.ntp.org/bin/view/Main/SecurityNotice

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00023.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00018.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00024.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00028.html

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00040.html

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

http://www.securityfocus.com/bid/91009

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03757en_us

https://security.gentoo.org/glsa/201607-15

http://www.securitytracker.com/id/1036037

https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.asc

https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf

Details

Source: MITRE

Published: 2016-07-05

Updated: 2021-07-16

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3

Base Score: 5.3

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

Impact Score: 1.4

Exploitability Score: 3.9

Severity: MEDIUM

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p5:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p4:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p7:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p6:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:oracle:solaris:10:*:*:*:*:*:*:*

cpe:2.3:o:oracle:solaris:11.3:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:suse:manager_proxy:2.1:*:*:*:*:*:*:*

cpe:2.3:a:suse:openstack_cloud:5:*:*:*:*:*:*:*

cpe:2.3:o:novell:suse_manager:2.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*

cpe:2.3:o:opensuse:opensuse:13.2:*:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*

Configuration 4

AND

OR

cpe:2.3:o:siemens:simatic_net_cp_443-1_opc_ua_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:siemens:simatic_net_cp_443-1_opc_ua:-:*:*:*:*:*:*:*

Tenable Plugins

View all (20 total)

IDNameProductFamilySeverity
125009EulerOS Virtualization 3.0.1.0 : ntp (EulerOS-SA-2019-1556)NessusHuawei Local Security Checks
critical
101311EulerOS 2.0 SP2 : ntp (EulerOS-SA-2017-1125)NessusHuawei Local Security Checks
medium
101310EulerOS 2.0 SP1 : ntp (EulerOS-SA-2017-1124)NessusHuawei Local Security Checks
medium
95967F5 Networks BIG-IP : NTP vulnerability (K64505405)NessusF5 Networks Local Security Checks
high
93896Ubuntu 12.04 LTS / 14.04 LTS / 16.04 LTS : ntp vulnerabilities (USN-3096-1)NessusUbuntu Local Security Checks
high
93186SUSE SLES10 Security Update : ntp (SUSE-SU-2016:1912-1)NessusSuSE Local Security Checks
critical
93153SUSE SLES11 Security Update : ntp (SUSE-SU-2016:1602-1)NessusSuSE Local Security Checks
high
92927FreeBSD : FreeBSD -- Multiple ntp vulnerabilities (7cfcea05-600a-11e6-a6c3-14dae9d210b8)NessusFreeBSD Local Security Checks
high
92662Amazon Linux AMI : ntp (ALAS-2016-727)NessusAmazon Linux Local Security Checks
high
92485GLSA-201607-15 : NTP: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
92288Fedora 22 : ntp (2016-c3bd6a3496)NessusFedora Local Security Checks
medium
92265Fedora 23 : ntp (2016-89e0874533)NessusFedora Local Security Checks
medium
92095Fedora 24 : ntp (2016-50b0066b7f)NessusFedora Local Security Checks
medium
91721openSUSE Security Update : ntp (openSUSE-2016-750)NessusSuSE Local Security Checks
high
91666SUSE SLES11 Security Update : ntp (SUSE-SU-2016:1584-1)NessusSuSE Local Security Checks
high
91663SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2016:1568-1)NessusSuSE Local Security Checks
critical
91662SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2016:1563-1)NessusSuSE Local Security Checks
high
91630openSUSE Security Update : ntp (openSUSE-2016-727)NessusSuSE Local Security Checks
high
91515Network Time Protocol Daemon (ntpd) 4.x < 4.2.8p8 / 4.3.x < 4.3.93 Multiple VulnerabilitiesNessusMisc.
high
91462Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : ntp (SSA:2016-155-01)NessusSlackware Local Security Checks
high