#VU39825 Input validation error in ntp - CVE-2016-7434


| Updated: 2020-08-10

Vulnerability identifier: #VU39825

Vulnerability risk: Medium

CVSSv4.0: 7.7 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:N/VI:N/VA:H/SC:N/SI:N/SA:N/E:P/U:Green]

CVE-ID: CVE-2016-7434

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
ntp
Server applications / Other server solutions

Vendor: ntp.org

Description

The vulnerability allows a remote non-authenticated attacker to perform a denial of service (DoS) attack.

The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.

Mitigation
Install update from vendor's website.

Vulnerable software versions

ntp: 4.3.0 - 4.3.93

External links
https://nwtime.org/ntp428p9_release/
https://support.ntp.org/bin/view/Main/NtpBug3082
https://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
https://www.securityfocus.com/bid/94448
https://www.securitytracker.com/id/1037354
https://bto.bluecoat.com/security-advisory/sa139
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03706en_us
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:39.ntp.asc
https://www.exploit-db.com/exploits/40806/
https://www.kb.cert.org/vuls/id/633847

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.


Latest bulletins with this vulnerability


Input validation error in ntp
Arch Linux update for ntp