Input validation error in ntp and FreeBSD - CVE-2016-9042
Published: June 4, 2018 / Updated: August 8, 2020
Vulnerability identifier: #VU37084
CSH Severity: Medium
CVSS v4.0: CVSS:4.0/AV:N/AC:L/AT:P/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:U/U:Green
CVE-ID: CVE-2016-9042
CWE-ID: CWE-20
Exploitation vector: Remote access
Exploit availability:
No public exploit available
Vendor: ntp.org
FreeBSD Foundation
FreeBSD Foundation
Affected software:
ntp
FreeBSD
ntp
FreeBSD
Detailed vulnerability description
The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.
An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.
How to mitigate CVE-2016-9042
Install update from vendor's website.
Sources
- http://www.securityfocus.com/bid/97046
- http://www.securitytracker.com/id/1038123
- http://www.securitytracker.com/id/1039427
- https://security.FreeBSD.org/advisories/FreeBSD-SA-17:03.ntp.asc
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us
- https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0260