An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.
Metrics
Affected Vendors & Products
References
History
No history.
MITRE
Status: PUBLISHED
Assigner: talos
Published: 2018-06-04T20:00:00Z
Updated: 2024-09-17T03:53:51.612Z
Reserved: 2016-10-26T00:00:00
Link: CVE-2016-9042
Vulnrichment
No data.
NVD
Status : Modified
Published: 2018-06-04T20:29:00.417
Modified: 2024-11-21T03:00:29.693
Link: CVE-2016-9042
Redhat