CVE-2016-4957

High

ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this…

mitre·CWE-476·Published 2016-07-05

CVSS

7.5

EPSS

0.45

KEV

Exploits

Vendor statements (7)

cve.orgen

199 chars

ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.

NVDes

250 chars

ntpd en NTP en versiones anteriores a 4.2.8p8 permite a atacantes remotos provocar una denegación de servicio (caída del demonio) a través de un paquete crypto-NAK. NOTA: esta vulnerabilidad existe debido a una solución incorrecta para CVE-2016-1547.

CVSS metrics across sources

Version	Type	Source	Base	Exp	Impact	Vector
2.0	Primary	NVD	5.0	10.0	2.9	AV:N/AC:L/Au:N/C:N/I:N/A:P
3.1	Primary	NVD	7.5	3.9	3.6	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H