PT-2016-6189 · Ntf+5 · Ntp+5
Miroslav Lichvar · Published 2016-06-03 · Updated 2024-06-15
CVE-2016-4956
CVSS v3.1
5.3
Medium
| Vector | AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L |
Name of the Vulnerable Software and Affected Versions
NTP versions prior to 4.2.8p8
Description
The issue allows remote attackers to cause a denial of service or modify the time being advertised by a device acting as a Network Time Protocol server via a spoofed broadcast packet. This is due to an incomplete fix for a previous issue. Multiple vulnerabilities exist, including Network Time Protocol CRYPTO-NAK Denial of Service, Network Time Protocol Bad Authentication, Network Time Protocol Processing Spoofed Server Packets, Network Time Protocol Autokey Association Reset, and Network Time Protocol Broadcast Interleave.
Recommendations
For versions prior to 4.2.8p8, update to version 4.2.8p8 or later to resolve the issue. As a temporary workaround, consider restricting access to the ntpd package to minimize the risk of exploitation. Additionally, workarounds may be available and documented in the Cisco bug for each affected product.
Affected products
Alt Linux
Cisco IOS
FreeBSD
NTP
SUSE
Ubuntu