CVE-2016-9310

Опубликовано: 13 янв. 2017

Источник: debian

EPSS Средний

Описание

The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
ntp	fixed	1:4.2.8p9+dfsg-1		package
ntp	no-dsa		jessie	package
ntp	no-dsa		wheezy	package

Примечания

http://support.ntp.org/bin/view/Main/NtpBug3118
http://www.talosintelligence.com/reports/TALOS-2016-0203/
Only affects configurations that do not have "restrict noquery", Debian's default config does have that restriction.

EPSS

Процентиль: 94%

0.14524

Средний

Связанные уязвимости

CVE-2016-9310

CVSS3: 6.5

ubuntu

почти 9 лет назад

The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet.

CVE-2016-9310

CVSS3: 4.8

redhat

почти 9 лет назад

The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet.

CVE-2016-9310

CVSS3: 6.5

nvd

почти 9 лет назад

The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet.

GHSA-x99c-5hjh-5p3r

CVSS3: 6.5

github

больше 3 лет назад

The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet.

ELSA-2017-0252

oracle-oval

почти 9 лет назад

ELSA-2017-0252: ntp security update (MODERATE)

EPSS

Процентиль: 94%

0.14524

Средний