NTPD read_mru_list() DoS Layman Analysis

Background: NTP stands for Network Time Protocol, which is a UDP based protocol designed to synchronize clocks of devices over a network with Coordinated Universal Time (UTC). In it’s fourth version, it is one of the oldest networking protocols. NTP.org implemented this as a daemon. Many vendors use this implementation in their products. In it’s … Continue reading “NTPD read_mru_list() DoS Layman Analysis”

NTP CVE-2016-7434 Vulnerability Analysis

Last week, the Network Time Foundation’s NTP Project released a new version, NTP 4.2.8p9,  to fix 10 security vulnerabilities. We noticed that after the new release came out, the original research published a POC for exploiting CVE-2016-7434. This blog is about the verifying the exploit published and a deep analysis about this vulnerability. NTP MRU … Continue reading “NTP CVE-2016-7434 Vulnerability Analysis”