Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2016-9042

An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.

Published

2018-06-04T20:29:00.417

Last Modified

2024-11-21T03:00:29.693

Status

Modified

Source

[email protected]

Severity

CVSSv3.1: 5.9 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:N/I:N/A:P

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: NONE
Integrity Impact: NONE
Availability Impact: PARTIAL

Exploitability Score

8.6

Impact Score

2.9

Weaknesses

Type: Primary
CWE-20

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ntp	ntp	4.2.8	Yes
Operating System	freebsd	freebsd	10.0	Yes
Operating System	freebsd	freebsd	11.0	Yes
Application	hpe	hpux-ntp	< c.4.2.8.4.0	Yes
Operating System	siemens	simatic_net_cp_443-1_opc_ua_firmware	*	Yes
Hardware	siemens	simatic_net_cp_443-1_opc_ua	-	No

References

http://packetstormsecurity.com/files/142101/FreeBSD-Security-Advisory-FreeBSD-SA-17-03.ntp.html ([email protected])
http://packetstormsecurity.com/files/142284/Slackware-Security-Advisory-ntp-Updates.html ([email protected])
http://seclists.org/fulldisclosure/2017/Nov/7 ([email protected])
http://seclists.org/fulldisclosure/2017/Sep/62 ([email protected])
http://www.securityfocus.com/archive/1/540403/100/0/threaded ([email protected])
http://www.securityfocus.com/archive/1/archive/1/540403/100/0/threaded ([email protected])
http://www.securityfocus.com/archive/1/archive/1/540464/100/0/threaded ([email protected])
http://www.securityfocus.com/bid/97046 Permissions Required, Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1038123 Third Party Advisory, VDB Entry ([email protected])
http://www.securitytracker.com/id/1039427 Third Party Advisory, VDB Entry ([email protected])
http://www.ubuntu.com/usn/USN-3349-1 ([email protected])
https://bto.bluecoat.com/security-advisory/sa147 ([email protected])
https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf Third Party Advisory ([email protected])
https://kc.mcafee.com/corporate/index?page=content&id=SB10201 ([email protected])
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7KVLFA3J43QFIP4I7HE7KQ5FXSMJEKC6/ ([email protected])
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:03.ntp.asc Third Party Advisory ([email protected])
https://support.apple.com/kb/HT208144 ([email protected])
https://support.f5.com/csp/article/K39041624 ([email protected])
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us Third Party Advisory ([email protected])
https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11 ([email protected])
https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0260 Exploit, Mitigation, Third Party Advisory ([email protected])
http://packetstormsecurity.com/files/142101/FreeBSD-Security-Advisory-FreeBSD-SA-17-03.ntp.html (af854a3a-2127-422b-91ae-364da2661108)
http://packetstormsecurity.com/files/142284/Slackware-Security-Advisory-ntp-Updates.html (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2017/Nov/7 (af854a3a-2127-422b-91ae-364da2661108)
http://seclists.org/fulldisclosure/2017/Sep/62 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/540403/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/archive/1/540403/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/archive/1/540464/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/97046 Permissions Required, Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1038123 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id/1039427 Third Party Advisory, VDB Entry (af854a3a-2127-422b-91ae-364da2661108)
http://www.ubuntu.com/usn/USN-3349-1 (af854a3a-2127-422b-91ae-364da2661108)
https://bto.bluecoat.com/security-advisory/sa147 (af854a3a-2127-422b-91ae-364da2661108)
https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://kc.mcafee.com/corporate/index?page=content&id=SB10201 (af854a3a-2127-422b-91ae-364da2661108)
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7KVLFA3J43QFIP4I7HE7KQ5FXSMJEKC6/ (af854a3a-2127-422b-91ae-364da2661108)
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:03.ntp.asc Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://support.apple.com/kb/HT208144 (af854a3a-2127-422b-91ae-364da2661108)
https://support.f5.com/csp/article/K39041624 (af854a3a-2127-422b-91ae-364da2661108)
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)
https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11 (af854a3a-2127-422b-91ae-364da2661108)
https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0260 Exploit, Mitigation, Third Party Advisory (af854a3a-2127-422b-91ae-364da2661108)