CVE-2016-7428

Name of the Vulnerable Software and Affected Versions NTP versions prior to 4.2.8p9

Description The issue allows remote attackers to cause a denial of service, potentially by exploiting the poll interval in a broadcast packet or through a NULL pointer dereference when the trap service is enabled. This could be achieved by sending specially crafted packets. Multiple vulnerabilities in the NTP daemon package could allow an unauthenticated, remote attacker to cause a denial of service condition or modify the time being advertised by a device acting as an NTP server.

Recommendations For NTP versions prior to 4.2.8p9, update to version 4.2.8p9 or later to resolve the issue. As a temporary workaround, consider disabling the trap service to minimize the risk of exploitation. Restrict access to broadcast mode packets to prevent denial of service attacks. Avoid using the poll interval in broadcast packets until the issue is resolved.