CVE-2016-7433
Summary
| CVE | CVE-2016-7433 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2017-01-13 16:59:00 UTC |
| Updated | 2023-11-07 02:34:00 UTC |
| Description | NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion." |
Risk And Classification
Problem Types: CWE-682
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| FreeBSD-SA-16:39 | FREEBSD | security.FreeBSD.org | |
| Siemens SIMATIC NET CP 443-1 OPC UA | CISA | MISC | us-cert.cisa.gov | |
| NTP CVE-2016-7433 Local Denial of Service Vulnerability | BID | www.securityfocus.com | |
| [SECURITY] Fedora 23 Update: ntp-4.2.6p5-43.fc23 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| [SECURITY] Fedora 25 Update: ntp-4.2.6p5-43.fc25 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| support.ntp.org/bin/view/Main/SecurityNotice | CONFIRM | support.ntp.org | Vendor Advisory |
| ntp Multiple Bugs Let Remote Users Cause the Target Service to Crash - SecurityTracker | SECTRACK | www.securitytracker.com | |
| BSA-2017-227 | CONFIRM | www.broadcom.com | |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | |
| cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf | CONFIRM | cert-portal.siemens.com | |
| [SECURITY] Fedora 25 Update: ntp-4.2.6p5-43.fc25 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| Document Display | HPE Support Center | CONFIRM | h20566.www2.hpe.com | |
| BSA-2017-227 | CONFIRM | www.broadcom.com | |
| support.ntp.org/bin/view/Main/NtpBug3067 | CONFIRM | support.ntp.org | Issue Tracking, Mitigation, Vendor Advisory |
| USN-3349-1: NTP vulnerabilities | Ubuntu | UBUNTU | www.ubuntu.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| [SECURITY] Fedora 23 Update: ntp-4.2.6p5-43.fc23 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| Broadcom Support Portal | CONFIRM | bto.bluecoat.com | |
| [SECURITY] Fedora 24 Update: ntp-4.2.6p5-43.fc24 - package-announce - Fedora Mailing-Lists | lists.fedoraproject.org | ||
| Network Time Foundation Publishes NTP 4.2.8p9 Security Release | CONFIRM | nwtime.org | Release Notes, Vendor Advisory |
| openSUSE-SU-2016:3280-1: moderate: Security update for ntp | SUSE | lists.opensuse.org | |
| SecurityFocus | BUGTRAQ | www.securityfocus.com | |
| Oracle Critical Patch Update - October 2017 | CONFIRM | www.oracle.com | |
| [SECURITY] Fedora 24 Update: ntp-4.2.6p5-43.fc24 - package-announce - Fedora Mailing-Lists | FEDORA | lists.fedoraproject.org | |
| Vulnerability Note VU#633847 - NTP.org ntpd contains multiple denial of service vulnerabilities | CERT-VN | www.kb.cert.org | Third Party Advisory, US Government Resource |
| Security Advisory - Multiple NTPd Vulnerabilities in Huawei Products | CONFIRM | www.huawei.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.