FKIE_CVE-2016-2518

Vulnerability from fkie_nvd - Published: 2017-01-30 21:59 - Updated: 2025-04-20 01:37
Severity ?
5.3 (Medium) - CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L
Summary
The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.
References
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.html
cve@mitre.orghttp://lists.fedoraproject.org/pipermail/package-announce/2016-May/184669.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
cve@mitre.orghttp://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
cve@mitre.orghttp://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html
cve@mitre.orghttp://rhn.redhat.com/errata/RHSA-2016-1552.htmlBroken Link
cve@mitre.orghttp://support.ntp.org/bin/view/Main/NtpBug3009Vendor Advisory
cve@mitre.orghttp://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_ntp_4_2_8p7_SecurityVendor Advisory
cve@mitre.orghttp://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd
cve@mitre.orghttp://www.debian.org/security/2016/dsa-3629Third Party Advisory
cve@mitre.orghttp://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.htmlPatch, Third Party Advisory
cve@mitre.orghttp://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlThird Party Advisory
cve@mitre.orghttp://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlThird Party Advisory
cve@mitre.orghttp://www.securityfocus.com/archive/1/538233/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/archive/1/archive/1/538233/100/0/threaded
cve@mitre.orghttp://www.securityfocus.com/bid/88226Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.securitytracker.com/id/1035705Third Party Advisory, VDB Entry
cve@mitre.orghttp://www.ubuntu.com/usn/USN-3096-1
cve@mitre.orghttps://access.redhat.com/errata/RHSA-2016:1141Third Party Advisory
cve@mitre.orghttps://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdfThird Party Advisory
cve@mitre.orghttps://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.ascThird Party Advisory
cve@mitre.orghttps://security.gentoo.org/glsa/201607-15Third Party Advisory
cve@mitre.orghttps://security.netapp.com/advisory/ntap-20171004-0002/Third Party Advisory
cve@mitre.orghttps://support.f5.com/csp/article/K20804323
cve@mitre.orghttps://us-cert.cisa.gov/ics/advisories/icsa-21-159-11
cve@mitre.orghttps://www.debian.org/security/2016/dsa-3629
cve@mitre.orghttps://www.kb.cert.org/vuls/id/718152Third Party Advisory, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.html
af854a3a-2127-422b-91ae-364da2661108http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184669.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
af854a3a-2127-422b-91ae-364da2661108http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
af854a3a-2127-422b-91ae-364da2661108http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html
af854a3a-2127-422b-91ae-364da2661108http://rhn.redhat.com/errata/RHSA-2016-1552.htmlBroken Link
af854a3a-2127-422b-91ae-364da2661108http://support.ntp.org/bin/view/Main/NtpBug3009Vendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_ntp_4_2_8p7_SecurityVendor Advisory
af854a3a-2127-422b-91ae-364da2661108http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2016/dsa-3629Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.htmlPatch, Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.htmlThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/538233/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/archive/1/archive/1/538233/100/0/threaded
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/88226Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.securitytracker.com/id/1035705Third Party Advisory, VDB Entry
af854a3a-2127-422b-91ae-364da2661108http://www.ubuntu.com/usn/USN-3096-1
af854a3a-2127-422b-91ae-364da2661108https://access.redhat.com/errata/RHSA-2016:1141Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdfThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.ascThird Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.gentoo.org/glsa/201607-15Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://security.netapp.com/advisory/ntap-20171004-0002/Third Party Advisory
af854a3a-2127-422b-91ae-364da2661108https://support.f5.com/csp/article/K20804323
af854a3a-2127-422b-91ae-364da2661108https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11
af854a3a-2127-422b-91ae-364da2661108https://www.debian.org/security/2016/dsa-3629
af854a3a-2127-422b-91ae-364da2661108https://www.kb.cert.org/vuls/id/718152Third Party Advisory, US Government Resource
Impacted products
Vendor Product Version
ntp ntp *
ntp ntp *
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
ntp ntp 4.2.8
debian debian_linux 8.0
debian debian_linux 9.0
debian debian_linux 10.0
netapp clustered_data_ontap -
netapp data_ontap -
netapp oncommand_balance -
netapp oncommand_performance_manager -
netapp oncommand_unified_manager_for_clustered_data_ontap -
oracle communications_user_data_repository 10.0.0
oracle communications_user_data_repository 10.0.1
oracle communications_user_data_repository 12.0.0
oracle linux 6
oracle linux 7
redhat enterprise_linux_desktop 7.0
redhat enterprise_linux_server 6.0
redhat enterprise_linux_server 7.0
redhat enterprise_linux_server_aus 7.2
redhat enterprise_linux_server_aus 7.4
redhat enterprise_linux_server_aus 7.6
redhat enterprise_linux_server_eus 7.2
redhat enterprise_linux_server_eus 7.3
redhat enterprise_linux_server_eus 7.4
redhat enterprise_linux_server_eus 7.5
redhat enterprise_linux_server_eus 7.6
redhat enterprise_linux_server_eus 7.7
redhat enterprise_linux_server_tus 7.2
redhat enterprise_linux_server_tus 7.3
redhat enterprise_linux_server_tus 7.6
redhat enterprise_linux_server_tus 7.7
redhat enterprise_linux_workstation 6.0
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 9.3
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.1
freebsd freebsd 10.2
freebsd freebsd 10.2
freebsd freebsd 10.2
freebsd freebsd 10.2
freebsd freebsd 10.2
freebsd freebsd 10.2
freebsd freebsd 10.2
freebsd freebsd 10.2
freebsd freebsd 10.2
freebsd freebsd 10.2
freebsd freebsd 10.2
freebsd freebsd 10.2
freebsd freebsd 10.3
siemens simatic_net_cp_443-1_opc_ua_firmware *
siemens simatic_net_cp_443-1_opc_ua -
To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "CED3C1F7-6FFA-44D1-BC56-2BB1963F3B9F",
              "versionEndExcluding": "4.2.8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "2A5D4FE7-07FC-4869-84F2-4FA767490A73",
              "versionEndExcluding": "4.3.92",
              "versionStartIncluding": "4.3.0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*",
              "matchCriteriaId": "EEA51D83-5841-4335-AF07-7A43C118CAAE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*",
              "matchCriteriaId": "C855BBD2-2B38-4EFF-9DBE-CA61CCACD0DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*",
              "matchCriteriaId": "49ADE0C3-F75C-4EC0-8805-56013F0EB92C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*",
              "matchCriteriaId": "D8FF625A-EFA3-43D1-8698-4A37AE31A07C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*",
              "matchCriteriaId": "E3B99BBD-97FE-4615-905A-A614592226F8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*",
              "matchCriteriaId": "E7A9AD3A-F030-4331-B52A-518BD963AB8A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*",
              "matchCriteriaId": "C293B8BE-6691-4944-BCD6-25EB98CABC73",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*",
              "matchCriteriaId": "CEA650F8-2576-494A-A861-61572CA319D0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*",
              "matchCriteriaId": "4ED21EE8-7CBF-4BC5-BFC3-185D41296238",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*",
              "matchCriteriaId": "C76A0B44-13DE-4173-8D05-DA54F6A71759",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*",
              "matchCriteriaId": "1450241C-2F6D-4122-B33C-D78D065BA403",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*",
              "matchCriteriaId": "721AFD22-91D3-488E-A5E6-DD84C86E412B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*",
              "matchCriteriaId": "8D6ADDB1-2E96-4FF6-AE95-4B06654D38B0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*",
              "matchCriteriaId": "41E44E9F-6383-4E12-AEDC-B653FEA77A48",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*",
              "matchCriteriaId": "466D9A37-2658-4695-9429-0C6BF4A631C2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*",
              "matchCriteriaId": "99774181-5F12-446C-AC2C-DB1C52295EED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*",
              "matchCriteriaId": "4427EE6D-3F79-4FF5-B3EC-EE6BD01562CE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p4:*:*:*:*:*:*",
              "matchCriteriaId": "99C71C00-7222-483B-AEFB-159337BD3C92",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p5:*:*:*:*:*:*",
              "matchCriteriaId": "75A9AA28-1B20-44BB-815C-7294A53E910E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p6:*:*:*:*:*:*",
              "matchCriteriaId": "8C213794-111D-41F3-916C-AD97F731D600",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p7:*:*:*:*:*:*",
              "matchCriteriaId": "50811A7B-0379-4437-8737-B4C1ACBC9EFD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.8:p8:*:*:*:*:*:*",
              "matchCriteriaId": "F12E4CF5-536C-416B-AD8D-6AE7CBE22C71",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "C11E6FB0-C8C0-4527-9AA0-CB9B316F8F43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "DEECE5FC-CACF-4496-A3E7-164736409252",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:debian:debian_linux:10.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "07B237A9-69A3-4A9C-9DA0-4E06BD37AE73",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "1FE996B1-6951-4F85-AA58-B99A379D2163",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:data_ontap:-:*:*:*:*:7-mode:*:*",
              "matchCriteriaId": "6C2ACC32-5147-4EA5-95BE-B6B4EAB3D82B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7DCBCC5D-C396-47A8-ADF4-D3A2C4377FB1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "212E1878-1B9A-4CB4-A1CE-EAD60B867161",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:netapp:oncommand_unified_manager_for_clustered_data_ontap:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "392D82A3-21BC-4CE1-A0AC-62A90468F0A5",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:oracle:communications_user_data_repository:10.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "D6D2C3F5-73E2-4988-9416-940C3C09F25F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_user_data_repository:10.0.1:*:*:*:*:*:*:*",
              "matchCriteriaId": "0473C6C9-B0C5-43F0-AC8C-C0DAD30DACF8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:oracle:communications_user_data_repository:12.0.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "0E94636C-58E3-4B5C-9B18-E5129F6B4A11",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*",
              "matchCriteriaId": "D7B037A8-72A6-4DFF-94B2-D688A5F6F876",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*",
              "matchCriteriaId": "44B8FEDF-6CB0-46E9-9AD7-4445B001C158",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "33C068A4-3780-4EAB-A937-6082DF847564",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "9BBCD86A-E6C7-4444-9D74-F861084090F0",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "51EF4996-72F4-4FA4-814F-F5991E7A8318",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "1C8D871B-AEA1-4407-AEE3-47EC782250FF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "D99A687E-EAE6-417E-A88E-D0082BC194CD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_aus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B353CE99-D57C-465B-AAB0-73EF581127D1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "44B067C7-735E-43C9-9188-7E1522A02491",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "A8442C20-41F9-47FD-9A12-E724D3A31FD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.4:*:*:*:*:*:*:*",
              "matchCriteriaId": "9EC0D196-F7B8-4BDD-9050-779F7A7FBEE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "A4E9DD8A-A68B-4A69-8B01-BFF92A2020A8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "BF77CDCF-B9C9-427D-B2BF-36650FB2148C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_eus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "21690BAC-2129-4A33-9B48-1F3BF30072A9",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "6755B6AD-0422-467B-8115-34A60B1D1A40",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.3:*:*:*:*:*:*:*",
              "matchCriteriaId": "24C0F4E1-C52C-41E0-9F14-F83ADD5CC7ED",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.6:*:*:*:*:*:*:*",
              "matchCriteriaId": "B76AA310-FEC7-497F-AF04-C3EC1E76C4CC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_server_tus:7.7:*:*:*:*:*:*:*",
              "matchCriteriaId": "17F256A9-D3B9-4C72-B013-4EFD878BFEA8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "E5ED5807-55B7-47C5-97A6-03233F4FBC3A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "A308448F-7FAD-4CAA-B204-94979A0055EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p1:*:*:*:*:*:*",
              "matchCriteriaId": "9D942069-86FD-4777-B144-27F68845510F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p10:*:*:*:*:*:*",
              "matchCriteriaId": "8BCB79FA-CF26-4DA9-BE6B-DB38F4BD76DE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p12:*:*:*:*:*:*",
              "matchCriteriaId": "6937683B-ADC8-452E-BCD7-34ED8656D75E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p13:*:*:*:*:*:*",
              "matchCriteriaId": "0B50A898-C510-4582-8931-2820D2FFB646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p16:*:*:*:*:*:*",
              "matchCriteriaId": "5016E4BB-D905-49BF-8B23-40DD9F9BC133",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p19:*:*:*:*:*:*",
              "matchCriteriaId": "C4009691-42D4-4E04-BA72-EAC9E30C30E1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p2:*:*:*:*:*:*",
              "matchCriteriaId": "AC531D8E-31B3-48B1-8B79-85B9FB67CF0E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p20:*:*:*:*:*:*",
              "matchCriteriaId": "4B161FA9-E1A8-407B-80A9-9F57DF4E6932",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p21:*:*:*:*:*:*",
              "matchCriteriaId": "C608B9D9-28DD-4470-A5A2-96B030E8EA0D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p22:*:*:*:*:*:*",
              "matchCriteriaId": "50702FA4-624E-4C47-B672-8479ED7EB00C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p23:*:*:*:*:*:*",
              "matchCriteriaId": "A05DE064-17DC-4BC3-BFA7-1FF31324BB5A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p24:*:*:*:*:*:*",
              "matchCriteriaId": "3785D821-D809-4948-92E0-CD6F93D06D56",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p25:*:*:*:*:*:*",
              "matchCriteriaId": "4F309C4D-DBE9-4FDC-9F71-670FE84E8859",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p28:*:*:*:*:*:*",
              "matchCriteriaId": "F6DF73AA-4270-46C1-BD19-EE0EAE39B6EF",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p3:*:*:*:*:*:*",
              "matchCriteriaId": "B9D919A6-BBEC-416C-8FC0-5CA7B0191E82",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p30:*:*:*:*:*:*",
              "matchCriteriaId": "BC7FC9A7-46A4-4BEC-AD3D-4E986BBB4B1A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p31:*:*:*:*:*:*",
              "matchCriteriaId": "6C1380CA-757C-442D-A15E-7C1EEF309BC2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p32:*:*:*:*:*:*",
              "matchCriteriaId": "B4E26747-28E7-46C6-B9D2-949E7D2B9076",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p33:*:*:*:*:*:*",
              "matchCriteriaId": "0D16FE35-E17F-4520-B2AA-916F586DE052",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p34:*:*:*:*:*:*",
              "matchCriteriaId": "02A6E6C3-1DBF-41C5-8377-A3058AF1A1A1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p35:*:*:*:*:*:*",
              "matchCriteriaId": "168BEEE1-3401-4831-B32A-19874B1C185E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p36:*:*:*:*:*:*",
              "matchCriteriaId": "FE660FBA-AD88-485E-B77B-94513E9CC660",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p38:*:*:*:*:*:*",
              "matchCriteriaId": "04E25F11-56B2-4F49-913A-57FC58EBD87E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p39:*:*:*:*:*:*",
              "matchCriteriaId": "B144DAC7-1B42-4DC2-AE46-6D3AD3296A43",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p5:*:*:*:*:*:*",
              "matchCriteriaId": "22A2F317-2F1A-4D3F-8E31-B5ABFCEE2AAD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p6:*:*:*:*:*:*",
              "matchCriteriaId": "179468E8-0FB7-4E1A-9002-AFC8753027AA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p7:*:*:*:*:*:*",
              "matchCriteriaId": "CF8563F3-DD91-4272-B72D-08F66E2E44C7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p8:*:*:*:*:*:*",
              "matchCriteriaId": "642BCA8F-6432-43D2-9E74-565CC71A9DD1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:9.3:p9:*:*:*:*:*:*",
              "matchCriteriaId": "09003BFB-72FB-4F89-B62C-4A2505E60630",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:-:*:*:*:*:*:*",
              "matchCriteriaId": "794DB6C2-514F-4353-AC31-025D53FFC3FB",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p1:*:*:*:*:*:*",
              "matchCriteriaId": "55448583-DD8E-44FA-9033-CEB8E63FC2C1",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p10:*:*:*:*:*:*",
              "matchCriteriaId": "A238C1FE-D4D3-4EEC-ACBE-341B112123EC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p12:*:*:*:*:*:*",
              "matchCriteriaId": "BABAD599-782F-4BFE-9EE2-0668ECAAC349",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p15:*:*:*:*:*:*",
              "matchCriteriaId": "C263C188-EA00-4110-B9A5-16C0CD0F1DE4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p16:*:*:*:*:*:*",
              "matchCriteriaId": "75F93217-BCD4-4AD4-9621-49C83BA3FFD7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p17:*:*:*:*:*:*",
              "matchCriteriaId": "1860A2E7-8E58-4082-9C71-E4F383244953",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p18:*:*:*:*:*:*",
              "matchCriteriaId": "B07FABAF-00CF-4284-AAC2-F3D6DA3D3841",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p19:*:*:*:*:*:*",
              "matchCriteriaId": "87440763-A4AF-44E9-AB26-155313A64269",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p2:*:*:*:*:*:*",
              "matchCriteriaId": "5F2A6E84-E37B-4E21-BBD9-FDB878D53D58",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p22:*:*:*:*:*:*",
              "matchCriteriaId": "2D5B97BE-4A7F-4482-8A7F-A7DB5314CEA6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p24:*:*:*:*:*:*",
              "matchCriteriaId": "256FDB00-0427-4B72-B9FA-1FE4AD56EC28",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p25:*:*:*:*:*:*",
              "matchCriteriaId": "5EC0C4BA-089F-44B1-A49B-2CDDEC86997B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p26:*:*:*:*:*:*",
              "matchCriteriaId": "F7713F76-A9C7-498B-BEEC-B022D13268A2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p27:*:*:*:*:*:*",
              "matchCriteriaId": "E51647B0-B346-4FCB-97BE-22D43D002B17",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p28:*:*:*:*:*:*",
              "matchCriteriaId": "AD84262A-7EBA-4E69-84C0-401D2FF33145",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p29:*:*:*:*:*:*",
              "matchCriteriaId": "40325D25-ECE7-486E-B654-EAEA69E3D97D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p3:*:*:*:*:*:*",
              "matchCriteriaId": "D5F7A00A-5A6B-46FA-8527-14917C50555A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p30:*:*:*:*:*:*",
              "matchCriteriaId": "CBD1A05A-5BBF-4C18-A5E0-E3A938D0D44C",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p31:*:*:*:*:*:*",
              "matchCriteriaId": "8A8EDDD7-9BE0-4C11-B3E2-6BC63984DA23",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p4:*:*:*:*:*:*",
              "matchCriteriaId": "466EA7B2-FBAF-4325-AD99-F5F4B0E5C0AD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p5:*:*:*:*:*:*",
              "matchCriteriaId": "EAD3F82B-E13C-40CE-BF65-4DA204FCDE93",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p6:*:*:*:*:*:*",
              "matchCriteriaId": "23E2935E-7159-45A2-9164-978453F24BDD",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p7:*:*:*:*:*:*",
              "matchCriteriaId": "1B7F75CF-F808-4BD6-9A46-AA5C1989F740",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p8:*:*:*:*:*:*",
              "matchCriteriaId": "3EC40899-2775-45B9-96C1-8A9E7FAB7A64",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.1:p9:*:*:*:*:*:*",
              "matchCriteriaId": "A22BC7A2-BA8D-4C1D-A51A-7DF7EDEDDCC3",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.2:-:*:*:*:*:*:*",
              "matchCriteriaId": "C1C1DA92-2184-4FB0-8392-AF80E7D6EB2E",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.2:p1:*:*:*:*:*:*",
              "matchCriteriaId": "C59FCA1F-C2F9-4E11-A457-7979C94ECD3D",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.2:p10:*:*:*:*:*:*",
              "matchCriteriaId": "13BA0876-9EFB-474E-83BB-9A53F38ADD4B",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.2:p11:*:*:*:*:*:*",
              "matchCriteriaId": "B757D006-B0C5-4992-A1D7-2EB26C9A36D8",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.2:p12:*:*:*:*:*:*",
              "matchCriteriaId": "D07D5215-F475-42BA-B9B0-395628646C41",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.2:p13:*:*:*:*:*:*",
              "matchCriteriaId": "F0EED80F-53F4-46AA-B76E-FBF158D16544",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.2:p14:*:*:*:*:*:*",
              "matchCriteriaId": "375EAFDB-9E71-4EE8-9BDA-77FF831F2E06",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.2:p2:*:*:*:*:*:*",
              "matchCriteriaId": "041C28B8-8EA6-461D-B6CB-13E3B9FF8411",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.2:p5:*:*:*:*:*:*",
              "matchCriteriaId": "91362F1A-CB09-4505-A724-332C743D9624",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.2:p7:*:*:*:*:*:*",
              "matchCriteriaId": "D7F738CA-C3F4-4A30-9FF6-F0BD1DC1CC84",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.2:p8:*:*:*:*:*:*",
              "matchCriteriaId": "44685E95-3139-4A82-9A8B-EB5379DF0558",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.2:p9:*:*:*:*:*:*",
              "matchCriteriaId": "8F92482C-F8B9-47A7-B5F1-ACBAC2A91646",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:o:freebsd:freebsd:10.3:-:*:*:*:*:*:*",
              "matchCriteriaId": "E30CCEF8-E86A-482F-A77B-175F106D354E",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    },
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:o:siemens:simatic_net_cp_443-1_opc_ua_firmware:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "22EFD09A-3D77-47B0-93FB-50F6C13A2F9A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        },
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:h:siemens:simatic_net_cp_443-1_opc_ua:-:*:*:*:*:*:*:*",
              "matchCriteriaId": "7F488810-73E3-4475-975A-C2FCA037E78B",
              "vulnerable": false
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ],
      "operator": "AND"
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value."
    },
    {
      "lang": "es",
      "value": "La funci\u00f3n MATCH_ASSOC en NTP en versiones anteriores 4.2.8p9 y 4.3.x en versiones anteriores a 4.3.92 permite a atacantes remotos provocar una referencia fuera de los l\u00edmites a trav\u00e9s de una solicitud addpeer con un valor hmode grande."
    }
  ],
  "id": "CVE-2016-2518",
  "lastModified": "2025-04-20T01:37:25.860",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 5.0,
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 2.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ],
    "cvssMetricV31": [
      {
        "cvssData": {
          "attackComplexity": "LOW",
          "attackVector": "NETWORK",
          "availabilityImpact": "LOW",
          "baseScore": 5.3,
          "baseSeverity": "MEDIUM",
          "confidentialityImpact": "NONE",
          "integrityImpact": "NONE",
          "privilegesRequired": "NONE",
          "scope": "UNCHANGED",
          "userInteraction": "NONE",
          "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
          "version": "3.1"
        },
        "exploitabilityScore": 3.9,
        "impactScore": 1.4,
        "source": "nvd@nist.gov",
        "type": "Primary"
      }
    ]
  },
  "published": "2017-01-30T21:59:01.080",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184669.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1552.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.ntp.org/bin/view/Main/NtpBug3009"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_ntp_4_2_8p7_Security"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2016/dsa-3629"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/538233/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.securityfocus.com/archive/1/archive/1/538233/100/0/threaded"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/88226"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1035705"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.ubuntu.com/usn/USN-3096-1"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2016:1141"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201607-15"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20171004-0002/"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://support.f5.com/csp/article/K20804323"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.debian.org/security/2016/dsa-3629"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/718152"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184669.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Broken Link"
      ],
      "url": "http://rhn.redhat.com/errata/RHSA-2016-1552.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.ntp.org/bin/view/Main/NtpBug3009"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Vendor Advisory"
      ],
      "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_ntp_4_2_8p7_Security"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.debian.org/security/2016/dsa-3629"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/security-advisory/cpujan2018-3236628.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/538233/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.securityfocus.com/archive/1/archive/1/538233/100/0/threaded"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securityfocus.com/bid/88226"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "VDB Entry"
      ],
      "url": "http://www.securitytracker.com/id/1035705"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.ubuntu.com/usn/USN-3096-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://access.redhat.com/errata/RHSA-2016:1141"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.gentoo.org/glsa/201607-15"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory"
      ],
      "url": "https://security.netapp.com/advisory/ntap-20171004-0002/"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.f5.com/csp/article/K20804323"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.debian.org/security/2016/dsa-3629"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Third Party Advisory",
        "US Government Resource"
      ],
      "url": "https://www.kb.cert.org/vuls/id/718152"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Deferred",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "CWE-125"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.



Detection rules are retrieved from Rulezet.