CVE-2016-7426

Related Files

Ubuntu Security Notice USN-3707-2

Posted Jan 23, 2019

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3707-2 - USN-3707-1 and USN-3349-1 fixed several vulnerabilities in NTP. This update provides the corresponding update for Ubuntu 12.04 ESM. Miroslav Lichvar discovered that NTP incorrectly handled certain spoofed addresses when performing rate limiting. A remote attacker could possibly use this issue to perform a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service, spoof, vulnerability

systems | linux, ubuntu

advisories | CVE-2016-7426, CVE-2016-9310, CVE-2016-9311, CVE-2017-6462, CVE-2017-6463, CVE-2018-7183, CVE-2018-7185

MD5 | 2f54f1b535f2b9e7d16c597307f59f6d

Download | Favorite | View

Ubuntu Security Notice USN-3349-1

Posted Jul 6, 2017

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 3349-1 - Yihan Lian discovered that NTP incorrectly handled certain large request data values. A remote attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. Miroslav Lichvar discovered that NTP incorrectly handled certain spoofed addresses when performing rate limiting. A remote attacker could possibly use this issue to perform a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. Various other issues were also addressed.

tags | advisory, remote, denial of service, spoof

systems | linux, ubuntu

advisories | CVE-2016-2519, CVE-2016-7426, CVE-2016-7427, CVE-2016-7428, CVE-2016-7429, CVE-2016-7431, CVE-2016-7433, CVE-2016-7434, CVE-2016-9042, CVE-2016-9310, CVE-2016-9311, CVE-2017-6458, CVE-2017-6460, CVE-2017-6462, CVE-2017-6463, CVE-2017-6464

MD5 | f7f3fa44faf862974b40f78bbb8b5cbc

Download | Favorite | View

HPE Security Bulletin HPESBUX03706 1

Posted Mar 12, 2017

Authored by Hewlett Packard Enterprise | Site hpe.com

HPE Security Bulletin HPESBUX03706 1 - Potential security vulnerabilities have been identified in the HP-UX-NTP service running ntpd. These vulnerabilities could be exploited remotely to allow a denial of service (DoS), unauthorized modification, and access restriction bypass. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability

systems | hpux

advisories | CVE-2016-7426, CVE-2016-7427, CVE-2016-7428, CVE-2016-7429, CVE-2016-7431, CVE-2016-7433, CVE-2016-7434, CVE-2016-9310, CVE-2016-9311

MD5 | 306b728da60c9fcd8841d044fe0cd334

Download | Favorite | View

Red Hat Security Advisory 2017-0252-01

Posted Feb 6, 2017

Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2017-0252-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: It was found that when ntp is configured with rate limiting for all associations the limits are also applied to responses received from its configured sources. A remote attacker who knows the sources can cause a denial of service by preventing ntpd from accepting valid responses from its sources.

tags | advisory, remote, denial of service, protocol

systems | linux, redhat

advisories | CVE-2016-7426, CVE-2016-7429, CVE-2016-7433, CVE-2016-9310, CVE-2016-9311

MD5 | d27eb248d654333b1e45ed56dfbc614a

Download | Favorite | View

FreeBSD Security Advisory - FreeBSD-SA-16.39.ntp

Posted Dec 21, 2016

Authored by Network Time Foundation | Site security.freebsd.org

FreeBSD Security Advisory - Multiple vulnerabilities have been discovered in the NTP suite.

tags | advisory, vulnerability

systems | freebsd, bsd

advisories | CVE-2016-7426, CVE-2016-7427, CVE-2016-7428, CVE-2016-7431

MD5 | 758701c6c332f8937e8764717b895f4a

Download | Favorite | View