CVE-2016-2516

Priority
Description
NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7 is enabled, allows
remote attackers to cause a denial of service (ntpd abort) by using the
same IP address multiple times in an unconfig directive.
Package
Source: ntp (LP Ubuntu Debian)
Upstream:released (1:4.2.8p7+dfsg-1)
Ubuntu 12.04 ESM (Precise Pangolin):released (1:4.2.6.p3+dfsg-1ubuntu3.11)
Ubuntu 14.04 LTS (Trusty Tahr):released (1:4.2.6.p5+dfsg-3ubuntu2.14.04.10)
Ubuntu 16.04 LTS (Xenial Xerus):released (1:4.2.8p4+dfsg-3ubuntu5.3)
Patches:
Upstream:http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=56bb8b59YMEsaddCqjR8OVyYkVFaaQ
Vendor:http://pkgs.fedoraproject.org/cgit/rpms/ntp.git/tree/ntp-4.2.6p5-cve-2016-2516.patch
More Information

Updated: 2018-10-31 21:22:56 UTC (commit cfa7cf69d76449ccff972ac22f40976a08d908c2)