An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.
References
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
AND |
|
History
07 Nov 2023, 02:36
Type | Values Removed | Values Added |
---|---|---|
References |
|
|
Information
Published : 2018-06-04 20:29
Updated : 2024-02-28 16:25
NVD link : CVE-2016-9042
Mitre link : CVE-2016-9042
CVE.ORG link : CVE-2016-9042
JSON object : View
Products Affected
siemens
- simatic_net_cp_443-1_opc_ua_firmware
- simatic_net_cp_443-1_opc_ua
freebsd
- freebsd
hpe
- hpux-ntp
ntp
- ntp
CWE
CWE-20
Improper Input Validation