CVE-2016-9310 – ntp: Mode 6 unauthenticated trap information disclosure and DDoS vector
https://notcve.org/view.php?id=CVE-2016-9310
The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet. La funcionalidad de modo de control (mode 6) en ntpd en NTP en versiones anteriores a 4.2.8p9 permite a atacantes remotos establecer o desactivar trampas a través de un paquete de modo de control manipulado. A flaw was found in the control mode functionality of ntpd. A remote attacker could send a crafted control mode packet which could lead to information disclosure or result in DDoS amplification attacks. • http://nwtime.org/ntp428p9_release http://rhn.redhat.com/errata/RHSA-2017-0252.html http://support.ntp.org/bin/view/Main/NtpBug3118 http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities http://www.securityfocus.com/bid/94452 http://www.securitytracker.com/id/1037354 https://bto.bluecoat.com/security-advisory/sa139 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03706en_us https://security.FreeBSD.org/advisories/FreeBSD-SA- • CWE-400: Uncontrolled Resource Consumption •
CVE-2016-7427
https://notcve.org/view.php?id=CVE-2016-7427
The broadcast mode replay prevention functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via a crafted broadcast mode packet. La funcionalidad de prevención de repetición del modo de difusión en ntpd en NTP en versiones anteriores a 4.2.8p9 permite a atacantes remotos provocar una denegación de servicio (rechazar paquetes de modo de difusión) a través de un paquete de modo de difusión manipulado. • http://nwtime.org/ntp428p9_release http://support.ntp.org/bin/view/Main/NtpBug3114 http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities http://www.securityfocus.com/bid/94447 http://www.securitytracker.com/id/1037354 https://bto.bluecoat.com/security-advisory/sa139 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03706en_us https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc https://support.hpe.com/hpsc/doc • CWE-400: Uncontrolled Resource Consumption •
CVE-2016-7431
https://notcve.org/view.php?id=CVE-2016-7431
NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression. NTP en versiones anteriores a 4.2.8p9 permite a atacantes remotos eludir el mecanismo de protección de la marca de tiempo de origen a través de una marca de tiempo de origen de cero. NOTA: esta vulnerabilidad existe debido a una regresión de CVE-2015-8138. • http://lists.opensuse.org/opensuse-updates/2016-12/msg00153.html http://nwtime.org/ntp428p9_release http://packetstormsecurity.com/files/140240/FreeBSD-Security-Advisory-FreeBSD-SA-16.39.ntp.html http://support.ntp.org/bin/view/Main/NtpBug3102 http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-ntpd-en http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html http://www.securityfocus.c • CWE-20: Improper Input Validation •
CVE-2016-7428
https://notcve.org/view.php?id=CVE-2016-7428
ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via the poll interval in a broadcast packet. ntpd en NTP en versiones anteriores a 4.2.8p9 permite a atacantes remotos provocar una denegación de servicio (rechazar paquetes de modo de difusión) a través del intervalo de encuesta en un paquete de difusión. • http://nwtime.org/ntp428p9_release http://support.ntp.org/bin/view/Main/NtpBug3113 http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities http://www.securityfocus.com/bid/94446 http://www.securitytracker.com/id/1037354 https://bto.bluecoat.com/security-advisory/sa139 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03706en_us https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc https://support.hpe.com/hpsc/doc • CWE-400: Uncontrolled Resource Consumption •
CVE-2016-7426 – ntp: Client rate limiting and server responses
https://notcve.org/view.php?id=CVE-2016-7426
NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent responses from the sources) by sending responses with a spoofed source address. NTP en versiones anteriores a 4.2.8p9 limita la clasificación de respuestas recibidas desde las fuentes configuradas cuando la limitación de clasificación para todas las asociaciones está habilitado, lo que permite a atacantes remotos provocar una denegación de servicio (prevenir las respuestas de las fuentes) enviando respuestas con una dirección de origen suplantada. It was found that when ntp is configured with rate limiting for all associations the limits are also applied to responses received from its configured sources. A remote attacker who knows the sources can cause a denial of service by preventing ntpd from accepting valid responses from its sources. • http://nwtime.org/ntp428p9_release http://rhn.redhat.com/errata/RHSA-2017-0252.html http://support.ntp.org/bin/view/Main/NtpBug3071 http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities http://www.securityfocus.com/bid/94451 http://www.securitytracker.com/id/1037354 https://bto.bluecoat.com/security-advisory/sa139 https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03706en_us https://security.FreeBSD.org/advisories/FreeBSD-SA- • CWE-400: Uncontrolled Resource Consumption •