cve/CVE-2016-6301.md at 7909e50b64548be2689e5ad0bc37714dc0608a96

admin/cve

mirror of https://github.com/0xMarcio/cve.git synced 2025-06-19 17:30:12 +00:00

0xMarcio 49bdc782b3 Update Sun May 26 14:27:04 CEST 2024

2024-05-26 14:27:05 +02:00

Description

The recv_and_process_client_pkt function in networking/ntpd.c in busybox allows remote attackers to cause a denial of service (CPU and bandwidth consumption) via a forged NTP packet, which triggers a communication loop.

POC

Reference

http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html
http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html
http://seclists.org/fulldisclosure/2019/Jun/18
http://seclists.org/fulldisclosure/2019/Sep/7
http://seclists.org/fulldisclosure/2020/Aug/20
http://seclists.org/fulldisclosure/2020/Mar/15
https://seclists.org/bugtraq/2019/Jun/14
https://seclists.org/bugtraq/2019/Sep/7

Github

https://github.com/ARPSyndicate/cvemon

1.1 KiB Raw Blame History

CVE-2016-6301

Description

POC

Reference

Github

1.1 KiB

Raw Blame History