CVE-2016-7431

Name of the Vulnerable Software and Affected Versions NTP versions prior to 4.2.8p9

Description The issue allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. This is due to a regression of a previous issue. Multiple vulnerabilities could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition or modify the time being advertised by a device acting as a Network Time Protocol (NTP) server. These vulnerabilities include issues with the Network Time Protocol Trap Service, Broadcast Mode, Insufficient Resource Pool, Configuration Modification, mrulist Query Requests, Multiple Binds to the Same Port, and Rate Limiting.

Recommendations For NTP versions prior to 4.2.8p9, update to version 4.2.8p9 or later to resolve the issue. As a temporary workaround, consider restricting access to the NTP service to minimize the risk of exploitation. Additionally, workarounds may be available and are documented in the Cisco bug for each affected product.