LOWβœ“ PATCHπŸ‡΅πŸ‡± Wersja polska

CVE-2016-7429

CVSS 3.7v3.0pub. 2017-01-13upd. 2026-05-13

NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denial of service (prevent communication with a source) by sending a response for a source to an interface the source does not use.

CVSS Vector
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L
  • Ntp

    APP
    Ntp
    ≀ 4.2.8
🟒
PATCH AVAILABLE
Vendor update available. Deploy in standard maintenance cycle.
Tags
DoS
CWE
References

Related vulnerabilities

CVE-2018-12327CRITICAL9.8ten sam produkt

Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execu...

CVE-2018-7183CRITICAL9.8ten sam produkt

Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to e...

CVE-2015-7705CRITICAL9.8ten sam produkt

The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have un...

CVE-2015-7853CRITICAL9.8ten sam produkt

The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remot...

CVE-2015-7871CRITICAL9.8ten sam produkt

Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to byp...

CVE-2016-7429 β€” Ntp β€” LOW β€” CVSS 3.7 | CVEbaza.pl