Lucene search

K
f5F5F5:K55405388
HistoryDec 30, 2016 - 12:00 a.m.

K55405388 : NTP vulnerability CVE-2016-9311

2016-12-3000:00:00
my.f5.com
25

AI Score

6.2

Confidence

High

EPSS

0.022

Percentile

89.4%

Security Advisory Description

ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted packet. (CVE-2016-9311)
Impact
A remote attacker may be able to send a specially crafted packet to cause a null pointer dereference that will crash ntpd, resulting in a denial-of-service (DoS) attack. The vulnerability is in the NTP trap service, which can be enabled by the control mode (mode 6) functionality ofntpd. This option is blocked, by default, on the BIG-IP system.