LOW✓ PATCH🇬🇧 English

CVE-2016-7429

CVSS 3.7v3.0pub. 2017-01-13upd. 2026-05-13

NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denial of service (prevent communication with a source) by sending a response for a source to an interface the source does not use.

oryginał EN
CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  • Ntp

    APP
    Ntp
    ≤ 4.2.8
🟢
PATCH DOSTĘPNY
Aktualizacja od producenta gotowa. Wdrożenie w ramach standardowego cyklu.
Tagi
DoS
CWE
Referencje

Powiązane podatności

CVE-2018-12327CRITICAL9.8ten sam produkt

Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execu...

CVE-2018-7183CRITICAL9.8ten sam produkt

Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to e...

CVE-2015-7705CRITICAL9.8ten sam produkt

The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have un...

CVE-2015-7853CRITICAL9.8ten sam produkt

The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remot...

CVE-2015-7871CRITICAL9.8ten sam produkt

Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to byp...