← back
CVE-2016-2518

CVE-2016-2518

EPSS 15.2%
The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2016-May/184669.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.htmlhttp://lists.opensuse.org/opensuse-updates/2016-05/msg00114.htmlhttp://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.htmlhttp://rhn.redhat.com/errata/RHSA-2016-1552.html