Lucene search

K

Redhat.comRH:CVE-2016-9042

HistoryMar 22, 2017 - 2:17 a.m.

CVE-2016-9042

2017-03-2202:17:57

redhat.com

access.redhat.com

8

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

A vulnerability was found in NTP, affecting the origin timestamp check function. An attacker able to spoof messages from all of the configured peers could send crafted packets to ntpd, causing later replies from those peers to be discarded, resulting in denial of service.

Mitigation

Implement BCP-38.

Configure enough servers/peers that an attacker cannot target all of your time sources.

Properly monitor your ntpd instances, and auto-restart ntpd (without -g) if it stops running.

References

www.talosintelligence.com/reports/TALOS-2016-0260/

bugzilla.redhat.com/show_bug.cgi?id=1434017

5.9 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

HIGH

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H

4.3 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:N/I:N/A:P

Related for RH:CVE-2016-9042

debiancve1 f51 prion1 nessus12 cve1 ubuntucve1 openvas8 talos1 seebug1 freebsd1 freebsd_advisory1 ibm3 fedora1 slackware1 symantec1 ubuntu1 ics1 cloudfoundry1 apple2