Vulnerability Details : CVE-2016-9042
An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.
Vulnerability category: Input validationDenial of service
Products affected by CVE-2016-9042
- cpe:2.3:o:freebsd:freebsd:10.0:*:*:*:*:*:*:*
- cpe:2.3:o:freebsd:freebsd:11.0:*:*:*:*:*:*:*
- cpe:2.3:o:siemens:simatic_net_cp_443-1_opc_ua_firmware:*:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p9:*:*:*:*:*:*
- cpe:2.3:a:hpe:hpux-ntp:*:*:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2016-9042
4.00%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 92 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2016-9042
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
4.3
|
MEDIUM | AV:N/AC:M/Au:N/C:N/I:N/A:P |
8.6
|
2.9
|
NIST | |
3.7
|
LOW | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L |
2.2
|
1.4
|
Talos | |
5.9
|
MEDIUM | CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.2
|
3.6
|
NIST |
CWE ids for CVE-2016-9042
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2016-9042
-
http://www.ubuntu.com/usn/USN-3349-1
USN-3349-1: NTP vulnerabilities | Ubuntu security notices | Ubuntu
-
http://seclists.org/fulldisclosure/2017/Sep/62
Full Disclosure: APPLE-SA-2017-09-25-1 macOS High Sierra 10.13
-
http://www.securityfocus.com/archive/1/archive/1/540464/100/0/threaded
Bugtraq
-
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7KVLFA3J43QFIP4I7HE7KQ5FXSMJEKC6/
[SECURITY] Fedora 26 Update: ntp-4.2.8p10-1.fc26 - package-announce - Fedora Mailing-Lists
-
http://packetstormsecurity.com/files/142101/FreeBSD-Security-Advisory-FreeBSD-SA-17-03.ntp.html
FreeBSD Security Advisory - FreeBSD-SA-17:03.ntp ≈ Packet Storm
-
http://www.securitytracker.com/id/1039427
Apple macOS/OS X Multiple Flaws Let Remote and Local Users Bypass Security and Deny Service, Local Users Obtain Potentially Sensitive Information, and Applications Gain Elevated Privileges - SecurityTThird Party Advisory;VDB Entry
-
https://kc.mcafee.com/corporate/index?page=content&id=SB10201
-
http://www.securityfocus.com/archive/1/540403/100/0/threaded
Bugtraq
-
https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0260
TALOS-2016-0260 || Cisco Talos Intelligence Group - Comprehensive Threat IntelligenceExploit;Mitigation;Third Party Advisory
-
http://www.securityfocus.com/bid/97046
NTP CVE-2016-9042 Denial of Service VulnerabilityPermissions Required;Third Party Advisory;VDB Entry
-
http://packetstormsecurity.com/files/142284/Slackware-Security-Advisory-ntp-Updates.html
Slackware Security Advisory - ntp Updates ≈ Packet Storm
-
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:03.ntp.asc
Third Party Advisory
-
http://www.securitytracker.com/id/1038123
ntp Multiple Bugs Let Remote or Local Users Cause the Target Service to Crash - SecurityTrackerThird Party Advisory;VDB Entry
-
https://bto.bluecoat.com/security-advisory/sa147
Broadcom Inc. (Customer) - Sign In
-
https://support.apple.com/kb/HT208144
About the security content of macOS High Sierra 10.13 - Apple Support
-
http://seclists.org/fulldisclosure/2017/Nov/7
Full Disclosure: APPLE-SA-2017-10-31-8 Additional information for APPLE-SA-2017-09-25-1 macOS High Sierra 10.13
-
https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf
Third Party Advisory
-
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us
HPESBUX03962 rev.1 - HP-UX NTP service, multiple vulnerabilitiesThird Party Advisory
-
http://www.securityfocus.com/archive/1/archive/1/540403/100/0/threaded
Bugtraq
-
https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11
Siemens SIMATIC NET CP 443-1 OPC UA | CISA
-
https://support.f5.com/csp/article/K39041624
NTP vulnerability CVE-2016-9042
Jump to