Lucene search

K
nvd[email protected]NVD:CVE-2016-2517
HistoryJan 30, 2017 - 9:59 p.m.

CVE-2016-2517

2017-01-3021:59:01
CWE-20
web.nvd.nist.gov
5

CVSS2

4.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:N/I:N/A:C

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.1

Confidence

High

EPSS

0.018

Percentile

88.3%

NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (prevent subsequent authentication) by leveraging knowledge of the controlkey or requestkey and sending a crafted packet to ntpd, which changes the value of trustedkey, controlkey, or requestkey. NOTE: this vulnerability exists because of a CVE-2016-2516 regression.

Affected configurations

Nvd
Node
ntpntpRange4.2.8p6
Node
ntpntpMatch4.3.0
OR
ntpntpMatch4.3.1
OR
ntpntpMatch4.3.2
OR
ntpntpMatch4.3.3
OR
ntpntpMatch4.3.4
OR
ntpntpMatch4.3.5
OR
ntpntpMatch4.3.6
OR
ntpntpMatch4.3.7
OR
ntpntpMatch4.3.8
OR
ntpntpMatch4.3.9
OR
ntpntpMatch4.3.10
OR
ntpntpMatch4.3.11
OR
ntpntpMatch4.3.12
OR
ntpntpMatch4.3.13
OR
ntpntpMatch4.3.14
OR
ntpntpMatch4.3.15
OR
ntpntpMatch4.3.16
OR
ntpntpMatch4.3.17
OR
ntpntpMatch4.3.18
OR
ntpntpMatch4.3.19
OR
ntpntpMatch4.3.20
OR
ntpntpMatch4.3.21
OR
ntpntpMatch4.3.22
OR
ntpntpMatch4.3.23
OR
ntpntpMatch4.3.24
OR
ntpntpMatch4.3.25
OR
ntpntpMatch4.3.26
OR
ntpntpMatch4.3.27
OR
ntpntpMatch4.3.28
OR
ntpntpMatch4.3.29
OR
ntpntpMatch4.3.30
OR
ntpntpMatch4.3.31
OR
ntpntpMatch4.3.32
OR
ntpntpMatch4.3.33
OR
ntpntpMatch4.3.34
OR
ntpntpMatch4.3.35
OR
ntpntpMatch4.3.36
OR
ntpntpMatch4.3.37
OR
ntpntpMatch4.3.38
OR
ntpntpMatch4.3.39
OR
ntpntpMatch4.3.40
OR
ntpntpMatch4.3.41
OR
ntpntpMatch4.3.42
OR
ntpntpMatch4.3.43
OR
ntpntpMatch4.3.44
OR
ntpntpMatch4.3.45
OR
ntpntpMatch4.3.46
OR
ntpntpMatch4.3.47
OR
ntpntpMatch4.3.48
OR
ntpntpMatch4.3.49
OR
ntpntpMatch4.3.50
OR
ntpntpMatch4.3.51
OR
ntpntpMatch4.3.52
OR
ntpntpMatch4.3.53
OR
ntpntpMatch4.3.54
OR
ntpntpMatch4.3.55
OR
ntpntpMatch4.3.56
OR
ntpntpMatch4.3.57
OR
ntpntpMatch4.3.58
OR
ntpntpMatch4.3.59
OR
ntpntpMatch4.3.60
OR
ntpntpMatch4.3.61
OR
ntpntpMatch4.3.62
OR
ntpntpMatch4.3.63
OR
ntpntpMatch4.3.64
OR
ntpntpMatch4.3.65
OR
ntpntpMatch4.3.66
OR
ntpntpMatch4.3.67
OR
ntpntpMatch4.3.68
OR
ntpntpMatch4.3.69
OR
ntpntpMatch4.3.70
OR
ntpntpMatch4.3.71
OR
ntpntpMatch4.3.72
OR
ntpntpMatch4.3.73
OR
ntpntpMatch4.3.74
OR
ntpntpMatch4.3.75
OR
ntpntpMatch4.3.76
OR
ntpntpMatch4.3.77
OR
ntpntpMatch4.3.78
OR
ntpntpMatch4.3.79
OR
ntpntpMatch4.3.80
OR
ntpntpMatch4.3.81
OR
ntpntpMatch4.3.82
OR
ntpntpMatch4.3.83
OR
ntpntpMatch4.3.84
OR
ntpntpMatch4.3.85
OR
ntpntpMatch4.3.86
OR
ntpntpMatch4.3.87
OR
ntpntpMatch4.3.88
OR
ntpntpMatch4.3.89
OR
ntpntpMatch4.3.90
OR
ntpntpMatch4.3.91

CVSS2

4.9

Attack Vector

NETWORK

Attack Complexity

HIGH

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

COMPLETE

AV:N/AC:H/Au:S/C:N/I:N/A:C

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H

AI Score

6.1

Confidence

High

EPSS

0.018

Percentile

88.3%