Lucene search

K
nvd[email protected]NVD:CVE-2016-4956
HistoryJul 05, 2016 - 1:59 a.m.

CVE-2016-4956

2016-07-0501:59:03
web.nvd.nist.gov
9
ntpd
ntp 4.x
denial of service

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

6.4

Confidence

High

EPSS

0.023

Percentile

89.8%

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.

Affected configurations

Nvd
Node
ntpntpRange4.2.0–4.2.8
OR
ntpntpRange4.3.0–4.3.93
OR
ntpntpMatch4.2.8-
OR
ntpntpMatch4.2.8p1
OR
ntpntpMatch4.2.8p1-beta1
OR
ntpntpMatch4.2.8p1-beta2
OR
ntpntpMatch4.2.8p1-beta3
OR
ntpntpMatch4.2.8p1-beta4
OR
ntpntpMatch4.2.8p1-beta5
OR
ntpntpMatch4.2.8p1-rc1
OR
ntpntpMatch4.2.8p1-rc2
OR
ntpntpMatch4.2.8p2
OR
ntpntpMatch4.2.8p2-rc1
OR
ntpntpMatch4.2.8p2-rc2
OR
ntpntpMatch4.2.8p2-rc3
OR
ntpntpMatch4.2.8p3
OR
ntpntpMatch4.2.8p3-rc1
OR
ntpntpMatch4.2.8p3-rc2
OR
ntpntpMatch4.2.8p3-rc3
OR
ntpntpMatch4.2.8p4
OR
ntpntpMatch4.2.8p5
OR
ntpntpMatch4.2.8p6
OR
ntpntpMatch4.2.8p7
Node
oraclesolarisMatch10
OR
oraclesolarisMatch11.3
Node
susemanager_proxyMatch2.1
OR
suseopenstack_cloudMatch5
OR
novellsuse_managerMatch2.1
OR
opensuseleapMatch42.1
OR
opensuseopensuseMatch13.2
OR
suselinux_enterprise_desktopMatch12sp1
OR
suselinux_enterprise_serverMatch11sp2ltss
OR
suselinux_enterprise_serverMatch11sp3ltss
OR
suselinux_enterprise_serverMatch11sp4
OR
suselinux_enterprise_serverMatch12sp1
Node
siemenssimatic_net_cp_443-1_opc_ua_firmware
AND
siemenssimatic_net_cp_443-1_opc_uaMatch-
VendorProductVersionCPE
ntpntp*cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*
ntpntp4.2.8cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*
ntpntp4.2.8cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*
ntpntp4.2.8cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*
ntpntp4.2.8cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*
ntpntp4.2.8cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*
ntpntp4.2.8cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*
ntpntp4.2.8cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*
ntpntp4.2.8cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*
ntpntp4.2.8cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*
Rows per page:
1-10 of 361

References

CVSS2

5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

5.3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

LOW

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L

AI Score

6.4

Confidence

High

EPSS

0.023

Percentile

89.8%