cvedb.io
CVE-2016-9042
MEDIUM · CVSS 5.9
EPSS exploitation probability: 0%
Published 2018-06-04T20:29:00.417 · Last modified 2026-06-17T00:55:20.353

Summary

An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the origin timestamp check (TEST2) causing the reply to be dropped and creating a denial of service condition.

Affected products

ntp — ntp

Does this affect you?

Add your gear to cvedb and we'll alert you only when ntp ships something exploited.

Check my exposure →

References

This product uses data from the NVD API but is not endorsed or certified by the NVD. Informational only; not professional security advice.