CVE ID:	CVE-2016-1548
Description:	An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.
Test IDs:	1.3.6.1.4.1.25623.1.1.10.2016.0219   1.3.6.1.4.1.25623.1.0.871622   1.3.6.1.4.1.25623.1.0.703629   1.3.6.1.4.1.25623.1.1.4.2016.2094.1   1.3.6.1.4.1.25623.1.0.882495   1.3.6.1.4.1.25623.1.1.1.2.2016.559   1.3.6.1.4.1.25623.1.0.882500
Cross References:	Common Vulnerability Exposure (CVE) ID: CVE-2016-1548 BugTraq ID: 88264 http://www.securityfocus.com/bid/88264 Bugtraq: 20160429 [slackware-security] ntp (SSA:2016-120-01) (Google Search) http://www.securityfocus.com/archive/1/538233/100/0/threaded Bugtraq: 20160429 [slackware-security] ntp (SSA:2016-120-01) (Google Search) http://www.securityfocus.com/archive/1/archive/1/538233/100/0/threaded CERT/CC vulnerability note: VU#718152 https://www.kb.cert.org/vuls/id/718152 Cisco Security Advisory: 20160428 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd Debian Security Information: DSA-3629 (Google Search) http://www.debian.org/security/2016/dsa-3629 Debian Security Information: DSA-3629 (Google Search) https://www.debian.org/security/2016/dsa-3629 http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184669.html http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.html FreeBSD Security Advisory: FreeBSD-SA-16:16 https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc https://security.gentoo.org/glsa/201607-15 http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html http://www.talosintelligence.com/reports/TALOS-2016-0082/ https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11 https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11 https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19 https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0082 RedHat Security Advisories: RHSA-2016:1141 https://access.redhat.com/errata/RHSA-2016:1141 RedHat Security Advisories: RHSA-2016:1552 http://rhn.redhat.com/errata/RHSA-2016-1552.html http://www.securitytracker.com/id/1035705 SuSE Security Announcement: SUSE-SU-2016:1278 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html SuSE Security Announcement: SUSE-SU-2016:1291 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html SuSE Security Announcement: SUSE-SU-2016:1471 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html SuSE Security Announcement: SUSE-SU-2016:1568 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html SuSE Security Announcement: SUSE-SU-2016:1912 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html SuSE Security Announcement: SUSE-SU-2016:2094 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html SuSE Security Announcement: openSUSE-SU-2016:1329 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html SuSE Security Announcement: openSUSE-SU-2016:1423 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html http://www.ubuntu.com/usn/USN-3096-1