Lucene search

Redhat.comRH:CVE-2016-7431

HistoryNov 22, 2016 - 10:47 a.m.

CVE-2016-7431

2016-11-2210:47:56

redhat.com

access.redhat.com

0.012 Low

EPSS

Percentile

85.2%

JSON

NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression.

References

support.ntp.org/bin/view/Main/NtpBug3102

bugzilla.redhat.com/show_bug.cgi?id=1397331

cve

CVE-2016-7431

2017-01-13 16:59:00

CVE-2015-8138

2017-01-30 21:59:00

cvelist

CVE-2016-7431

2017-01-13 16:00:00

CVE-2015-8138

2017-01-30 21:00:00

prion

Design/Logic Flaw

2017-01-13 16:59:00

Design/Logic Flaw

2017-01-30 21:59:00

nvd

CVE-2016-7431

2017-01-13 16:59:00

CVE-2015-8138

2017-01-30 21:59:00

ubuntucve

CVE-2016-7431

2017-01-13 00:00:00

CVE-2016-9042

2016-12-31 00:00:00

CVE-2015-8138

2015-12-31 00:00:00

debiancve

CVE-2016-7431

2017-01-13 16:59:00

CVE-2015-8138

2017-01-30 21:59:00

talos

Network Time Protocol Origin Timestamp Check Denial of Service Vulnerability

2017-03-29 00:00:00

Network Time Protocol Origin Timestamp Check Impersonation Vulnerability

2016-01-19 00:00:00

Network Time Protocol ntpq and ntpdc Origin Timestamp Disclosure Vulnerability

2016-01-19 00:00:00

seebug

Network Time Protocol Origin Timestamp Check Denial of Service Vulnerability(CVE-2016-9042)

2017-09-20 00:00:00

Network Time Protocol Control Mode Unauthenticated Trap Information Disclosure and DDoS Amplification Vulnerability(CVE-2016-9310)

2017-10-11 00:00:00

openvas

NTP.org 'ntpd' Zero Origin Timestamp Regression Vulnerability (Nov 2016)

2016-06-03 00:00:00

Oracle: Security Advisory (ELSA-2016-0063)

2016-01-26 00:00:00

RedHat Update for ntp RHSA-2016:0063-01

2016-01-26 00:00:00

K71245322 : NTP vulnerability CVE-2015-8138

2016-02-22 00:00:00

SOL71245322 - NTP vulnerability CVE-2015-8138

2016-02-22 00:00:00

K80996302 : Multiple NTP vulnerabilities

2016-12-16 00:00:00

nessus

RHEL 6 / 7 : ntp (RHSA-2016:0063)

2016-01-26 00:00:00

OracleVM 3.3 : ntp (OVMSA-2016-0006)

2016-01-26 00:00:00

Scientific Linux Security Update : ntp on SL6.x, SL7.x i386/x86_64 (20160125)

2016-01-26 00:00:00

veracode

Validation Bypass

2019-01-15 09:09:42

centos

ntp, ntpdate, sntp security update

2016-01-25 14:27:37

oraclelinux

ntp security update

2016-01-25 00:00:00

ntp security and bug fix update

2016-05-12 00:00:00

ntp security and bug fix update

2016-11-09 00:00:00

redhat

(RHSA-2016:0063) Important: ntp security update

2016-01-25 00:00:00

ibm

Security Bulletin: Vulnerability in NTP affects IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch firmware (CVE-2015-8138)

2019-01-31 02:25:02

Security Bulletin: Vulnerabilities in NTP affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter systems

2023-04-14 14:32:25

Security Bulletin: Vulnerabilities in ntp affect IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter systems (CVE-2015-8138 CVE-2015-5300)

2023-04-14 14:32:25

cisco

Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: November 2016

2016-11-23 16:00:00

Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016

2016-04-28 09:00:00

Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: January 2016

2016-01-27 20:00:00

fedora

[SECURITY] Fedora 23 Update: ntp-4.2.6p5-36.fc23

2016-01-30 18:28:19

[SECURITY] Fedora 22 Update: ntp-4.2.6p5-36.fc22

2016-02-21 02:33:52

ics

Siemens SIMATIC NET CP 443-1 OPC UA

2021-06-08 12:00:00

Siemens TIM 4R-IE Devices

2021-04-13 12:00:00

freebsd

FreeBSD -- Multiple vulnerabilities of ntp

2016-12-22 00:00:00

ntp -- multiple vulnerabilities

2016-11-21 00:00:00

ntp -- multiple vulnerabilities

2016-01-20 00:00:00

freebsd_advisory

FreeBSD-SA-16:39.ntp

2016-12-22 00:00:00

FreeBSD-SA-16:09.ntp

2016-01-27 00:00:00

amazon

Important: ntp

2016-02-09 13:30:00

huawei

Security Advisory - Multiple NTPd Vulnerabilities in Huawei Products

2017-11-29 00:00:00

slackware

[slackware-security] ntp

2016-11-21 19:25:10

[slackware-security] ntp

2016-02-23 19:51:20

[slackware-security] ntp

2016-04-29 21:57:25

archlinux

[ASA-201611-28] ntp: multiple issues

2016-11-26 00:00:00

cert

NTP.org ntpd contains multiple denial of service vulnerabilities

2016-11-21 00:00:00

NTP.org ntpd contains multiple vulnerabilities

2016-04-27 00:00:00

symantec

SA139 : November 2016 NTP Security Vulnerabilities

2017-01-12 08:00:00

SA113 : January 2016 NTP Security Vulnerabilities

2016-03-03 08:00:00

paloalto

NTP Vulnerabilities

2016-08-15 00:00:00

debian

[SECURITY] [DSA 3629-1] ntp security update

2016-07-25 21:15:32

[SECURITY] [DLA 559-1] ntp security update

2016-07-25 21:37:14

mageia

Updated ntp packages fix security vulnerability

2016-01-29 14:02:50

suse

Security update for ntp (important)

2016-04-28 19:09:34

Security update for ntp (important)

2016-05-12 21:07:47

Security update for ntp (important)

2016-04-28 19:13:09

arista

Security Advisory 0019

2018-04-25 00:00:00

osv

ntp - security update

2016-07-25 00:00:00

ntp - security update

2016-07-25 00:00:00

fortinet

ntp-4.2.8p7 Security Vulnerability Announcement April 2016

2017-04-03 00:00:00

ubuntu

NTP vulnerabilities

2017-07-05 00:00:00

NTP vulnerabilities

2016-10-05 00:00:00

cloudfoundry

USN-3349-1: NTP vulnerabilities | Cloud Foundry

2017-08-04 00:00:00

USN-3096-1: NTP vulnerabilities | Cloud Foundry

2016-12-21 00:00:00

gentoo

NTP: Multiple vulnerabilities

2016-07-20 00:00:00

oracle

Oracle Critical Patch Update - July 2016

2016-07-19 00:00:00

Oracle Critical Patch Update - October 2017

2017-10-17 00:00:00

0.012 Low

EPSS

Percentile

85.2%

JSON

CVE-2016-7431

References

Related