CVE-2016-7428

Loading...

General

Score:3.3/10.0
Severity:Low
Category:Resource Management Error

Impact Metrics

Confidentiality:None
Integrity:None
Availability:Partial

Exploitability Metrics

Access Vector:Adjacent Network
Access Complexity:Low
Authentication:None

Relative vulnerabilities

CVE-2015-5219, CVE-2015-8139, CVE-2015-8140, CVE-2016-2519, CVE-2016-7426, CVE-2016-7427, CVE-2016-7429, CVE-2016-7431, CVE-2016-7433, CVE-2016-7434, CVE-2016-9042, CVE-2016-9310, CVE-2016-9311, CVE-2017-6458, CVE-2017-6460, CVE-2017-6462, CVE-2017-6463, CVE-2017-6464

Published on 13/01/17 - Updated on 08/11/18

Description

ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via the poll interval in a broadcast packet.

Category: Resource Management Error

CWE-400 (Uncontrolled Resource Consumption ('Resource Exhaustion'))
The software does not properly restrict the size or amount of resources that are requested or influenced by an actor, which can be used to consume more resources than intended.

Security Notices

US National Vulnerability DatabaseCVE-2016-7428
Agence Nationale de la Sécurité des Systèmes d'Information CERTFR-2017-AVI-090, CERTFR-2017-AVI-212
Arch Linux ASA-201611-28
SUSE SUSE-SU-2016:3193, SUSE-SU-2016:3195, SUSE-SU-2016:3196, SUSE-SU-2017:0255
Ubuntu USN-3349-1

Exploits

No exploits available for this CVE in our database.

Relative technologies

VendorProduct
ntpntp

Share this vulnerability with:

Twitter Facebook LinkedIn Mail