CVE-2016-1549

Summary

A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock.

Affected Software

VendorProductVersion RangeStatus
NTP ProjectNTP4.2.8p3affected
NTP ProjectNTP4.2.8p4affected
NTPsec ProjectNTPSec3e160db8dc248a0bcb053b56a80167dc742d2b74affected
NTPsec ProjectNTPSeca5fb34b9cc89b92a8fef2f459004865c93bb7f92affected

Weaknesses

  • unspecified

ADP Enrichment

CVE Program Container

Additional References

References