CVE-2016-9310 - log back

CVE-2016-9310 created at 25 Sep 2019 19:31:40
Severity
+ High
Remote
+ Remote
Type
+ Denial of service
Description
+ An exploitable configuration modification vulnerability exists in the control mode (mode 6) functionality of ntpd. If, against long-standing BCP recommendations, "restrict default noquery ..." is not specified, a specially crafted control mode packet can set ntpd traps, providing information disclosure and DDoS amplification, and unset ntpd traps, disabling legitimate monitoring. A remote, unauthenticated, network attacker can trigger this vulnerability.
References
+ http://support.ntp.org/bin/view/Main/NtpBug3118
Notes
+ Mitigation:
+ Use "restrict default noquery ..." in your ntp.conf file.