Lucene search
K

9 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:29 p.m.35 views

K92800352: NTP vulnerability CVE-2016-4953

Security Advisory Description ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service ephemeral-association demobilization by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time. CVE-2016-4953 Impact There is no impact; F5 products...

7.5CVSS7AI score0.17245EPSS
Exploits0
SUSE CVE
SUSE CVE
added 2023/02/15 5:2 a.m.5 views

SUSE CVE-2016-4957

ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service daemon crash via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547...

7.5CVSS7.9AI score0.44936EPSS
Exploits1References13
Prion
Prion
added 2017/01/06 9:59 p.m.25 views

Authentication flaw

An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if...

5CVSS7.4AI score0.0511EPSS
Exploits2References15Affected Software1
Cvelist
Cvelist
added 2017/01/06 9:0 p.m.26 views

CVE-2016-1547

An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if...

6.4AI score0.0511EPSS
Exploits2References15
UbuntuCve
UbuntuCve
added 2016/07/05 1:59 a.m.28 views

CVE-2016-4957

ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service daemon crash via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547...

7.5CVSS6.8AI score0.44936EPSS
Exploits1References2
Prion
Prion
added 2016/07/05 1:59 a.m.19 views

Authentication flaw

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service ephemeral-association demobilization by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time...

5CVSS7.4AI score0.17245EPSS
Exploits0References32Affected Software9
CVE
CVE
added 2016/07/05 1:0 a.m.94 views

CVE-2016-4957

ntpd (NTP) before version 4.2.8p8 is vulnerable to a remote DoS via specially crafted crypto-NAK packets, causing ntpd to crash. This issue stems from an incorrect fix applied after CVE-2016-1547 and affects ntpd’s handling of CRYPTO-NAK. Public references indicate an impact to the daemon’s avail...

7.5CVSS6.2AI score0.44936EPSS
Exploits1References13Affected Software1
Debian CVE
Debian CVE
added 2016/07/05 1:0 a.m.37 views

CVE-2016-4953

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service ephemeral-association demobilization by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time...

7.5CVSS6.7AI score0.17245EPSS
Exploits0
Talos
Talos
added 2016/04/26 12:0 a.m.59 views

Network Time Protocol Crypto-NAK Preemptible Association Denial of Service Vulnerability

SUMMARY An off-path attacker can cause a preemptible client association to be demobilized by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled. Furthermore, if the attacker keeps sending cryp...

5.3CVSS7.4AI score0.0511EPSS
Exploits2
Rows per page
Query Builder