CVE-2016-4956

2016-06-02T13:49:28
ID RH:CVE-2016-4956
Type redhatcve
Reporter redhat.com
Modified 2021-08-27T12:07:37

Description

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.

Mitigation

Do not use NTP's broadcast mode in the clients by not configuring the "broadcastclient" directive in the ntp.conf file.