CVE-2016-9042

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.

References

https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0260

https://security.FreeBSD.org/advisories/FreeBSD-SA-17:03.ntp.asc

http://www.securitytracker.com/id/1039427

http://www.securitytracker.com/id/1038123

http://www.securityfocus.com/bid/97046

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us

https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf

Details

Source: MITRE

Published: 2018-06-04

Updated: 2021-07-12

Type: CWE-20

Risk Information

CVSS v2

Base Score: 4.3

Vector: AV:N/AC:M/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 8.6

Severity: MEDIUM

CVSS v3

Base Score: 5.9

Vector: CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 2.2

Severity: MEDIUM

Tenable Plugins

View all (12 total)

IDNameProductFamilySeverity
700511macOS < 10.13 Multiple VulnerabilitiesNessus Network MonitorOperating System Detection
critical
106504pfSense < 2.3.4 Multiple Vulnerabilities (SA-17_04)NessusFirewalls
critical
103598macOS < 10.13 Multiple VulnerabilitiesNessusMacOS X Local Security Checks
critical
101588Fedora 26 : ntp (2017-20d54b2782)NessusFedora Local Security Checks
high
101263Ubuntu 14.04 LTS / 16.04 LTS / 16.10 / 17.04 : ntp vulnerabilities (USN-3349-1)NessusUbuntu Local Security Checks
high
100496FreeBSD : FreeBSD -- Multiple vulnerabilities of ntp (3c0237f5-420e-11e7-82c5-14dae9d210b8)NessusFreeBSD Local Security Checks
high
99700openSUSE Security Update : ntp (openSUSE-2017-511)NessusSuSE Local Security Checks
high
99597Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / 14.2 / current : ntp (SSA:2017-112-02)NessusSlackware Local Security Checks
high
99469SUSE SLES11 Security Update : ntp (SUSE-SU-2017:1052-1)NessusSuSE Local Security Checks
high
99468SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2017:1048-1)NessusSuSE Local Security Checks
high
99467SUSE SLES12 Security Update : ntp (SUSE-SU-2017:1047-1)NessusSuSE Local Security Checks
high
97988Network Time Protocol Daemon (ntpd) 4.x < 4.2.8p10 Multiple VulnerabilitiesNessusMisc.
high