November 2016 NTP Security Vulnerability Announcement
Issue
NTP Vulnerability Announcement November 21st 2016
-
Red Hat Security Bugzillas Rated Moderate
CVE-2016-7426 - Bugzilla 1397345 ntp: Client rate limiting and server responses
CVE-2016-7427 - Bugzilla 1397329 ntp: Broadcast Mode Replay Prevention DoS
CVE-2016-7431 - Bugzilla 1397331 ntp: Zero Origin timestamp regression
CVE-2016-7433 - Bugzilla 1397347 ntp: Broken initial sync calculations regressionCVE-2016-9310 - Bugzilla 1397319 ntp: Mode 6 unauthenticated trap information disclosure and DDoS vector
CVE-2016-9311 - Bugzilla 1398350 ntp: Null pointer dereference when trap service is enabled -
Red Hat Security Bugzillas Rated Low
CVE-2016-7428 - Bugzilla 1397328 ntp: Broadcast Mode Poll Interval Enforcement DoS
CVE-2016-7429 - Bugzilla 1397341 ntp: Attack on interface selection
CVE-2016-7434 - Bugzilla 1397334 ntp: read_mru_list() does inadequate incoming packet checks
Environment
- Red Hat Enterprise Linux 7
- Red Hat Enterprise Linux 6
Subscriber exclusive content
A Red Hat subscription provides unlimited access to our knowledgebase of over 48,000 articles and solutions.
Welcome! Check out the Getting Started with Red Hat page for quick tours and guides for common tasks.
