NTP Daemon CRYPTO_NAK Denial Of Service Vulnerability (CVE-2016-4957)
Publish Date: 11 Januar 2017
Schweregrad:: Hoch
Beschreibung
A denial of service vulnerability exists in the Network Time Protocol daemon (NTPD). The vulnerability is due to a null pointer dereference when handling crypto-NAK packets. A remote attacker can exploit this vulnerability by sending an unsolicited crypto-NAK packet to the target service. Successful exploitation may result in denial-of-service conditions.
Trend Micro Lösungen
Apply associated Trend Micro DPI Rules.
Lösungen
Trend Micro Deep Security DPI Rule Number: 1008086