CVE-2016-9042
 
Severity Score
Exploit Likelihood
Affected Versions
Public Exploits
1Exploited in Wild
-Decision
Descriptions
An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.
Existe una vulnerabilidad explotable de denegación de servicio (DoS) en la funcionalidad de comprobación de marca de tiempo de origen de ntpd 4.2.8p9. Se puede emplear un paquete de red no autenticado especialmente manipulado para reiniciar la marca de tiempo de origen esperada para los peers objetivo. Las respuestas legítimas de los peers objetivo no pasarán la comprobación de marca de tiempo de origen (TEST2), lo que hace que la respuesta se elimine y se cree una condición de denegación de servicio (DoS).
CVSS Scores
SSVC
- Decision:-
Timeline
- 2016-10-26 CVE Reserved
- 2017-04-12 CVE Published
- 2024-09-17 CVE Updated
- 2024-09-17 EPSS Updated
- 2024-09-17 First Exploit
- ---------- Exploited in Wild
- ---------- KEV Due Date
CWE
- CWE-20: Improper Input Validation
CAPEC
References (20)
URL | Date | SRC |
---|---|---|
https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0260 | 2024-09-17 |
URL | Date | SRC |
---|
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status | ||||||
---|---|---|---|---|---|---|---|---|---|---|
Vendor | Product | Version | Other | Status | <-- --> | Vendor | Product | Version | Other | Status |
Siemens Search vendor "Siemens" | Simatic Net Cp 443-1 Opc Ua Firmware Search vendor "Siemens" for product "Simatic Net Cp 443-1 Opc Ua Firmware" | * | - |
Affected
| in | Siemens Search vendor "Siemens" | Simatic Net Cp 443-1 Opc Ua Search vendor "Siemens" for product "Simatic Net Cp 443-1 Opc Ua" | - | - |
Safe
|
Ntp Search vendor "Ntp" | Ntp Search vendor "Ntp" for product "Ntp" | 4.2.8 Search vendor "Ntp" for product "Ntp" and version "4.2.8" | p9 |
Affected
| ||||||
Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 10.0 Search vendor "Freebsd" for product "Freebsd" and version "10.0" | - |
Affected
| ||||||
Freebsd Search vendor "Freebsd" | Freebsd Search vendor "Freebsd" for product "Freebsd" | 11.0 Search vendor "Freebsd" for product "Freebsd" and version "11.0" | - |
Affected
| ||||||
Hpe Search vendor "Hpe" | Hpux-ntp Search vendor "Hpe" for product "Hpux-ntp" | < c.4.2.8.4.0 Search vendor "Hpe" for product "Hpux-ntp" and version " < c.4.2.8.4.0" | - |
Affected
|