vulnerability
Oracle Linux: CVE-2016-7433: ELSA-2017-0252: ntp security update (MODERATE)
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 5 | (AV:N/AC:L/Au:N/C:N/I:N/A:P) | Nov 21, 2016 | Feb 7, 2017 | Dec 3, 2025 |
Severity
5
CVSS
(AV:N/AC:L/Au:N/C:N/I:N/A:P)
Published
Nov 21, 2016
Added
Feb 7, 2017
Modified
Dec 3, 2025
Description
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."
A flaw was found in the way ntpd calculated the root delay. A remote attacker could send a specially-crafted spoofed packet to cause denial of service or in some special cases even crash.
A flaw was found in the way ntpd calculated the root delay. A remote attacker could send a specially-crafted spoofed packet to cause denial of service or in some special cases even crash.
Solutions
oracle-linux-upgrade-ntporacle-linux-upgrade-ntpdateoracle-linux-upgrade-ntp-docoracle-linux-upgrade-ntp-perloracle-linux-upgrade-sntp
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.