CVE-2016-4953

Published: Jul 5, 2016

Modified: Aug 6, 2024

PUBLISHED

Description

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

SUSE-SU-2016:1602

vendor-advisory

x_refsource_SUSE

91010

vdb-entry

x_refsource_BID

openSUSE-SU-2016:1583

vendor-advisory

x_refsource_SUSE

FreeBSD-SA-16:24

vendor-advisory

x_refsource_FREEBSD

SUSE-SU-2016:1912

vendor-advisory

x_refsource_SUSE

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03757en_us

x_refsource_CONFIRM

http://support.ntp.org/bin/view/Main/NtpBug3045

x_refsource_CONFIRM

1036037

vdb-entry

x_refsource_SECTRACK

SUSE-SU-2016:1584

vendor-advisory

x_refsource_SUSE

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

x_refsource_CONFIRM

SUSE-SU-2016:2094

vendor-advisory

x_refsource_SUSE

VU#321640

third-party-advisory

x_refsource_CERT-VN

http://support.ntp.org/bin/view/Main/SecurityNotice

x_refsource_CONFIRM

http://bugs.ntp.org/3045

x_refsource_CONFIRM

openSUSE-SU-2016:1636

vendor-advisory

x_refsource_SUSE

SUSE-SU-2016:1563

vendor-advisory

x_refsource_SUSE

GLSA-201607-15

vendor-advisory

x_refsource_GENTOO

http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html

x_refsource_MISC

20160603 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: June 2016

vendor-advisory

x_refsource_CISCO

20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)

mailing-list

x_refsource_BUGTRAQ

http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html

x_refsource_MISC

SUSE-SU-2016:1568

vendor-advisory

x_refsource_SUSE

20160604 [slackware-security] ntp (SSA:2016-155-01)

mailing-list

x_refsource_BUGTRAQ

20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)

mailing-list

x_refsource_BUGTRAQ

20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp

mailing-list

x_refsource_BUGTRAQ

VU#321640

third-party-advisory

x_refsource_CERT-VN

20160604 [slackware-security] ntp (SSA:2016-155-01)

mailing-list

x_refsource_BUGTRAQ

20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp

mailing-list

x_refsource_BUGTRAQ

https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf

x_refsource_CONFIRM

https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11

x_refsource_CONFIRM

https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf

x_refsource_CONFIRM

https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2016-4953

Description

Affected Products

References