CVE-2016-9311 log

Source
Severity Medium
Remote Yes
Type Denial of service
Description
ntpd does not enable trap service by default. If trap service has been explicitly enabled, an attacker can send a specially crafted packet to cause a null pointer dereference that will crash ntpd, resulting in a denial of service.
Group Package Affected Fixed Severity Status Ticket
AVG-80 ntp 4.2.8.p8-1 4.2.8.p9-1 High Fixed
AVG-79 ntp 4.2.8.p8-1 4.2.8.p9-1 High Fixed
Date Advisory Group Package Severity Description
26 Nov 2016 ASA-201611-28 AVG-79 ntp High multiple issues
References
http://support.ntp.org/bin/view/Main/NtpBug3119
Notes
Mitigation:
Use "restrict default noquery ..." in your ntp.conf file. Only allow mode 6 queries from trusted networks and hosts.