CVE-2016-9042
moderate-risk
Published 2018-06-04
An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.
Do I need to act?
~
4.8% chance of exploitation in next 30 days
EPSS score — moderate exploit probability
-
Not on CISA KEV list
No confirmed active exploitation reported to CISA
?
Patch status unknown
Check vendor advisories for fix availability and mitigation guidance
5
CVSS 5.9/10
Medium
NETWORK
/ HIGH complexity
References (42)
Permissions Required
http://www.securityfocus.com/bid/97046
Third Party Advisory
http://www.securitytracker.com/id/1038123
Third Party Advisory
http://www.securitytracker.com/id/1039427
Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf
Third Party Advisory
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:03.ntp.asc
Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpe...
and 22 more references
38
/ 100
moderate-risk
Severity
18/34 · Moderate
Exploitability
8/34 · Low
Exposure
12/34 · Low