Vulnerability Description
The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Ntp | Ntp | < 4.2.8 |
| Debian | Debian Linux | 8.0 |
| Netapp | Clustered Data Ontap | - |
| Netapp | Data Ontap | - |
| Netapp | Oncommand Balance | - |
| Netapp | Oncommand Performance Manager | - |
| Netapp | Oncommand Unified Manager For Clustered Data Ontap | - |
| Oracle | Communications User Data Repository | 10.0.0 |
| Oracle | Linux | 6 |
| Redhat | Enterprise Linux Desktop | 7.0 |
| Redhat | Enterprise Linux Server | 6.0 |
| Redhat | Enterprise Linux Server Aus | 7.2 |
| Redhat | Enterprise Linux Server Eus | 7.2 |
| Redhat | Enterprise Linux Server Tus | 7.2 |
| Redhat | Enterprise Linux Workstation | 6.0 |
| Freebsd | Freebsd | 9.3 |
| Siemens | Simatic Net Cp 443-1 Opc Ua Firmware | All versions |
| Siemens | Simatic Net Cp 443-1 Opc Ua | - |
Related Weaknesses (CWE)
References
- http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.html
- http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184669.html
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html
- http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html
- http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
- http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
- http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Upda
- http://rhn.redhat.com/errata/RHSA-2016-1552.htmlBroken Link
- http://support.ntp.org/bin/view/Main/NtpBug3009Vendor Advisory
- http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_ntp_4_2_8p7_SecurVendor Advisory
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20
FAQ
What is CVE-2016-2518?
CVE-2016-2518 is a vulnerability with a CVSS score of 5.3 (MEDIUM). The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.
How severe is CVE-2016-2518?
CVE-2016-2518 has been rated MEDIUM with a CVSS base score of 5.3/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2016-2518?
Check the references section above for vendor advisories and patch information. Affected products include: Ntp Ntp, Debian Debian Linux, Netapp Clustered Data Ontap, Netapp Data Ontap, Netapp Oncommand Balance.