Home CVE Database CVE-2016-1547

CVE-2016-1547

Description

An off-path attacker can cause a preemptable client association to be demobilized by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled. Furthermore, if the attacker keeps sending crypto NAK packets, for example every one second, the victim never has a chance to reestablish the association and synchronize time with the legitimate server.

Priority: MEDIUM
CVSS v3: 5.3
Publish Date: Jun 12, 2016
Related ID: --
CVSS v2: Medium
Modified Date: Jun 12, 2016

Find out more about CVE-2016-1547 from the MITRE-CVE dictionary and NIST NVD


Products Affected

Login may be required to access defects or downloads.

Related Products

Product Name Status Defect Fixed Downloads
Linux 7 SCP Not Vulnerable -- -- --
Linux 7 CGP Not Vulnerable -- -- --

Comments

ntp

Live chat
Online