CVE-2016-4955
05.07.2016, 01:59
ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.
| Vendor | Product | Version |
|---|---|---|
| ntp | ntp | 4.2.0 ≤ 𝑥 < 4.2.8 |
| ntp | ntp | 4.3.0 ≤ 𝑥 < 4.3.93 |
| ntp | ntp | 4.2.8 |
| ntp | ntp | 4.2.8:p1 |
| ntp | ntp | 4.2.8:p1-beta1 |
| ntp | ntp | 4.2.8:p1-beta2 |
| ntp | ntp | 4.2.8:p1-beta3 |
| ntp | ntp | 4.2.8:p1-beta4 |
| ntp | ntp | 4.2.8:p1-beta5 |
| ntp | ntp | 4.2.8:p1-rc1 |
| ntp | ntp | 4.2.8:p1-rc2 |
| ntp | ntp | 4.2.8:p2 |
| ntp | ntp | 4.2.8:p2-rc1 |
| ntp | ntp | 4.2.8:p2-rc2 |
| ntp | ntp | 4.2.8:p2-rc3 |
| ntp | ntp | 4.2.8:p3 |
| ntp | ntp | 4.2.8:p3-rc1 |
| ntp | ntp | 4.2.8:p3-rc2 |
| ntp | ntp | 4.2.8:p3-rc3 |
| ntp | ntp | 4.2.8:p4 |
| ntp | ntp | 4.2.8:p5 |
| ntp | ntp | 4.2.8:p6 |
| ntp | ntp | 4.2.8:p7 |
| oracle | solaris | 11.3 |
| suse | manager_proxy | 2.1 |
| novell | suse_manager | 2.1 |
| opensuse | leap | 42.1 |
| opensuse | opensuse | 13.2 |
| siemens | simatic_net_cp_443-1_opc_ua_firmware | * |
𝑥
= Vulnerable software versions
Ubuntu Releases
References