Endpoint Vulnerability

CVE-2015-7704ntp: disabling synchronization via crafted KoD packet

Description

It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. A remote attacker could use this flaw to send a crafted Kiss-of-Death packet to an ntpd client that would increase the client's polling interval value, and effectively disable synchronization with the server.

Affected Products

ntp

References

CVE-2015-7704,