Network Time Protocol Trap Crash Denial of Service Vulnerability(CVE-2016-9311)

Summary An exploitable denial of service vulnerability exists in the trap functionality of ntpd. If an ntpd instance is configured to send traps, a specially crafted network packet can be used to cause a null pointer dereference resulting in a denial of service. This vulnerability can be triggere...

NTP 4.2.8p8 - Denial of Service Exploit

Exploit for linux platform in category dos / poc !/usr/bin/env python Exploit Title: ntpd remote pre-auth Denial of Service Date: 2016-11-21 Exploit Author: Magnus Klaaborg Stubman @magnusstubman Website: http://dumpco.re/cve-2016-7434/ Vendor Homepage: http://www.ntp.org/ Software Link:...

CVE-2016-4953

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service ephemeral-association demobilization by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time...

CVE-2016-4954

The processpacket function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service peer-variable modification by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication...

UBUNTU-CVE-2016-4954

The processpacket function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service peer-variable modification by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication...

Security update for ntp (important)

ntp was updated to version 4.2.8p8 to fix five security issues. These security issues were fixed: - CVE-2016-4953: Bad authentication demobilizes ephemeral associations bsc982065. - CVE-2016-4954: Processing spoofed server packets bsc982066. - CVE-2016-4955: Autokey association reset bsc982067. -...

SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2016:1563-1)

ntp was updated to version 4.2.8p8 to fix five security issues. These security issues were fixed : - CVE-2016-4953: Bad authentication demobilizes ephemeral associations bsc982065. - CVE-2016-4954: Processing spoofed server packets bsc982066. - CVE-2016-4955: Autokey association reset bsc982067. ...

SUSE: Security Advisory for ntp (SUSE-SU-2016:1568-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Unspecified vulnerability in ntpd

ntpd Network Time Protocol daemon is an operating system daemon that uses the Network Time Protocol NTP to keep synchronized with the system time of a time server. An unspecified vulnerability exists in ntpd versions prior to 4.2.8p8. A remote attacker could exploit this vulnerability to send...

NTP.org 'ntpd' 4.2.7p385 - 4.2.8p8, 4.3.0 - 4.3.93 Multiple Vulnerabilities (Nov 2016)

NTP.org SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ntp:ntp"; ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.106408";...