{"id":"CVE-2016-4957","details":"ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet.  NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.","modified":"2026-03-15T22:22:20.884389Z","published":"2016-07-05T01:59:04.283Z","related":["SUSE-SU-2016:1563-1","SUSE-SU-2016:1568-1","SUSE-SU-2016:1584-1","SUSE-SU-2016:1602-1","openSUSE-SU-2024:10181-1"],"references":[{"type":"ADVISORY","url":"https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.asc"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00024.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00028.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00040.html"},{"type":"ADVISORY","url":"http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html"},{"type":"ADVISORY","url":"http://www.securitytracker.com/id/1036037"},{"type":"ADVISORY","url":"https://security.gentoo.org/glsa/201607-15"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00018.html"},{"type":"ADVISORY","url":"http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00023.html"},{"type":"ADVISORY","url":"http://support.ntp.org/bin/view/Main/SecurityNotice"},{"type":"ADVISORY","url":"http://www.kb.cert.org/vuls/id/321640"},{"type":"REPORT","url":"http://bugs.ntp.org/3046"},{"type":"FIX","url":"http://support.ntp.org/bin/view/Main/NtpBug3046"}],"affected":[{"database_specific":{"source":"https://storage.googleapis.com/cve-osv-conversion/osv-output/CVE-2016-4957.json","unresolved_ranges":[{"events":[{"introduced":"0"},{"last_affected":"4.2.8-p7"}]},{"events":[{"introduced":"0"},{"last_affected":"4.3.92"}]},{"events":[{"introduced":"0"},{"last_affected":"10"}]},{"events":[{"introduced":"0"},{"last_affected":"11.3"}]},{"events":[{"introduced":"0"},{"last_affected":"2.1"}]},{"events":[{"introduced":"0"},{"last_affected":"5"}]},{"events":[{"introduced":"0"},{"last_affected":"2.1"}]},{"events":[{"introduced":"0"},{"last_affected":"42.1"}]},{"events":[{"introduced":"0"},{"last_affected":"13.2"}]},{"events":[{"introduced":"0"},{"last_affected":"12-sp1"}]},{"events":[{"introduced":"0"},{"last_affected":"11-sp2"}]},{"events":[{"introduced":"0"},{"last_affected":"11-sp3"}]},{"events":[{"introduced":"0"},{"last_affected":"11-sp4"}]},{"events":[{"introduced":"0"},{"last_affected":"12-sp1"}]}]}}],"schema_version":"1.7.5","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}]}