CVE-2016-9042

An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.
References
Link Resource
http://packetstormsecurity.com/files/142101/FreeBSD-Security-Advisory-FreeBSD-SA-17-03.ntp.html
http://packetstormsecurity.com/files/142284/Slackware-Security-Advisory-ntp-Updates.html
http://seclists.org/fulldisclosure/2017/Nov/7
http://seclists.org/fulldisclosure/2017/Sep/62
http://www.securityfocus.com/archive/1/540403/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/540403/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/540464/100/0/threaded
http://www.securityfocus.com/bid/97046 Permissions Required Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1038123 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1039427 Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-3349-1
https://bto.bluecoat.com/security-advisory/sa147
https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf Third Party Advisory
https://kc.mcafee.com/corporate/index?page=content&id=SB10201
https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7KVLFA3J43QFIP4I7HE7KQ5FXSMJEKC6/
https://security.FreeBSD.org/advisories/FreeBSD-SA-17:03.ntp.asc Third Party Advisory
https://support.apple.com/kb/HT208144
https://support.f5.com/csp/article/K39041624
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us Third Party Advisory
https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11
https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0260 Exploit Mitigation Third Party Advisory
Configurations

Configuration 1 (hide)

cpe:2.3:a:ntp:ntp:4.2.8:p9:*:*:*:*:*:*

Configuration 2 (hide)

OR cpe:2.3:o:freebsd:freebsd:10.0:*:*:*:*:*:*:*
cpe:2.3:o:freebsd:freebsd:11.0:*:*:*:*:*:*:*

Configuration 3 (hide)

cpe:2.3:a:hpe:hpux-ntp:*:*:*:*:*:*:*:*

Configuration 4 (hide)

AND
cpe:2.3:o:siemens:simatic_net_cp_443-1_opc_ua_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:simatic_net_cp_443-1_opc_ua:-:*:*:*:*:*:*:*

History

07 Nov 2023, 02:36

Type Values Removed Values Added
References
  • {'url': 'https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7KVLFA3J43QFIP4I7HE7KQ5FXSMJEKC6/', 'name': 'FEDORA-2017-20d54b2782', 'tags': [], 'refsource': 'FEDORA'}
  • () https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7KVLFA3J43QFIP4I7HE7KQ5FXSMJEKC6/ -

19 Apr 2022, 20:15

Type Values Removed Values Added
References
  • (FULLDISC) http://seclists.org/fulldisclosure/2017/Nov/7 -
  • (UBUNTU) http://www.ubuntu.com/usn/USN-3349-1 -
  • (CONFIRM) https://kc.mcafee.com/corporate/index?page=content&id=SB10201 -
  • (BUGTRAQ) http://www.securityfocus.com/archive/1/archive/1/540464/100/0/threaded -
  • (CONFIRM) https://bto.bluecoat.com/security-advisory/sa147 -
  • (CONFIRM) https://support.f5.com/csp/article/K39041624 -
  • (CONFIRM) https://support.apple.com/kb/HT208144 -
  • (MISC) http://packetstormsecurity.com/files/142284/Slackware-Security-Advisory-ntp-Updates.html -
  • (FULLDISC) http://seclists.org/fulldisclosure/2017/Sep/62 -
  • (MISC) http://packetstormsecurity.com/files/142101/FreeBSD-Security-Advisory-FreeBSD-SA-17-03.ntp.html -
  • (MISC) https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11 -
  • (BUGTRAQ) http://www.securityfocus.com/archive/1/540403/100/0/threaded -
  • (FEDORA) https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7KVLFA3J43QFIP4I7HE7KQ5FXSMJEKC6/ -
  • (BUGTRAQ) http://www.securityfocus.com/archive/1/archive/1/540403/100/0/threaded -

08 Jun 2021, 19:48

Type Values Removed Values Added
CPE cpe:2.3:h:siemens:simatic_net_cp_443-1_opc_ua:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:simatic_net_cp_443-1_opc_ua_firmware:*:*:*:*:*:*:*:*
cpe:2.3:a:hpe:hpux-ntp:*:*:*:*:*:*:*:*
References (CONFIRM) https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us - (CONFIRM) https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us - Third Party Advisory
References (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf - (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf - Third Party Advisory

08 Jun 2021, 12:15

Type Values Removed Values Added
References
  • (CONFIRM) https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf -

Information

Published : 2018-06-04 20:29

Updated : 2023-12-10 12:30


NVD link : CVE-2016-9042

Mitre link : CVE-2016-9042

CVE.ORG link : CVE-2016-9042


JSON object : View

Products Affected

ntp

  • ntp

siemens

  • simatic_net_cp_443-1_opc_ua
  • simatic_net_cp_443-1_opc_ua_firmware

hpe

  • hpux-ntp

freebsd

  • freebsd
CWE
CWE-20

Improper Input Validation