NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent responses from the sources) by sending responses with a spoofed source address.
CVSS Score
7.5
EPSS Score
0.389
Published
2017-01-13
The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.
CVSS Score
7.5
EPSS Score
0.635
Published
2017-01-13
Page 2