CVE-2016-7431 : NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protec

NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression.

Published 2017-01-13 16:59:00

Updated 2021-07-12 17:15:08

Source MITRE

View at NVD, CVE.org

Vulnerability category: Input validation

Products affected by CVE-2016-7431

NTP » NTP » Version: 4.2.8 Update P8
cpe:2.3:a:ntp:ntp:4.2.8:p8:*:*:*:*:*:*
Matching versions

Exploit prediction scoring system (EPSS) score for CVE-2016-7431

EPSS FAQ

15.65%

Probability of exploitation activity in the next 30 days EPSS Score History

~ 94 %

Percentile, the proportion of vulnerabilities that are scored at or less

CVSS scores for CVE-2016-7431

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:N/I:P/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: None Integrity Impact: Partial Availability Impact: None
5.3	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N	3.9	1.4	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: None Integrity: Low Availability: None

CWE ids for CVE-2016-7431

CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-7431

http://www.ubuntu.com/usn/USN-3349-1

USN-3349-1: NTP vulnerabilities | Ubuntu security notices | Ubuntu

CVEs referencing this url
http://www.securityfocus.com/bid/94454

NTP CVE-2016-7431 Denial of Service Vulnerability
http://lists.opensuse.org/opensuse-updates/2016-12/msg00153.html

openSUSE-SU-2016:3280-1: moderate: Security update for ntp

CVEs referencing this url
http://nwtime.org/ntp428p9_release/

Network Time Foundation Publishes NTP 4.2.8p9 Security Release
Release Notes;Vendor Advisory

CVEs referencing this url
http://www.securityfocus.com/archive/1/539955/100/0/threaded

CVEs referencing this url
http://www.securityfocus.com/archive/1/archive/1/539955/100/0/threaded

CVEs referencing this url
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc

CVEs referencing this url
http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html

Oracle Critical Patch Update - October 2017

CVEs referencing this url
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03706en_us

HPESBUX03706 rev.1 - HP-UX NTP service running ntpd, Multiple Vulnerabilities

CVEs referencing this url
https://bto.bluecoat.com/security-advisory/sa139

SA139 : November 2016 NTP Security Vulnerabilities

CVEs referencing this url
https://support.hpe.com/hpsc/doc/public/display?docLocale=en&docId=emr_na-hpesbhf03883en_us

HPESBHF03883 rev.1 - HPE Comware 5 and Comware 7 Products using NTP, Remote Denial of Service
https://support.hpe.com/hpsc/doc/public/display?docLocale=en&docId=emr_na-hpesbhf03899en_us

HPESBHF03899 rev.1 - HPE Converged System 700 Virtual Services Router (VSR) using NTP
http://support.ntp.org/bin/view/Main/NtpBug3102

NtpBug3102 < Main < NTP
Issue Tracking;Mitigation;Vendor Advisory
http://www.securityfocus.com/archive/1/archive/1/540254/100/0/threaded

CVEs referencing this url
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03883en_us

HPESBHF03883 rev.1 - HPE Comware 5 and Comware 7 Products using NTP, Remote Denial of Service

CVEs referencing this url
https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf

CVEs referencing this url
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03899en_us

HPESBHF03899 rev.1 - HPE Converged System 700 Virtual Services Router (VSR) using NTP

CVEs referencing this url
https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-223/

Support Content Notification - Support Portal - Broadcom support portal
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20171129-01-ntpd-en

Security Advisory - Multiple NTPd Vulnerabilities in Huawei Products

CVEs referencing this url
https://www.kb.cert.org/vuls/id/633847

VU#633847 - NTP.org ntpd contains multiple denial of service vulnerabilities
Third Party Advisory;US Government Resource

CVEs referencing this url
http://www.securityfocus.com/archive/1/540254/100/0/threaded

CVEs referencing this url
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities

SecurityNotice < Main < NTP
Vendor Advisory

CVEs referencing this url
http://packetstormsecurity.com/files/140240/FreeBSD-Security-Advisory-FreeBSD-SA-16.39.ntp.html

FreeBSD Security Advisory - FreeBSD-SA-16.39.ntp ≈ Packet Storm
https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11

Siemens SIMATIC NET CP 443-1 OPC UA | CISA

CVEs referencing this url
http://www.securitytracker.com/id/1037354

ntp Multiple Bugs Let Remote Users Cause the Target Service to Crash - SecurityTracker

CVEs referencing this url

Jump to

Vulnerability Details : CVE-2016-7431

Products affected by CVE-2016-7431

Exploit prediction scoring system (EPSS) score for CVE-2016-7431

CVSS scores for CVE-2016-7431

CWE ids for CVE-2016-7431

References for CVE-2016-7431