### [CVE-2016-7434](https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7434)
![](https://img.shields.io/static/v1?label=Product&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Version&message=n%2Fa&color=blue)
![](https://img.shields.io/static/v1?label=Vulnerability&message=n%2Fa&color=brighgreen)

### Description

The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.

### POC

#### Reference
- https://hackerone.com/reports/147310
- https://www.exploit-db.com/exploits/40806/
- https://www.kb.cert.org/vuls/id/633847

#### Github
- https://github.com/ARPSyndicate/cvemon
- https://github.com/NCSU-DANCE-Research-Group/CDL
- https://github.com/cved-sources/cve-2016-7434
- https://github.com/eb613819/CTF_CVE-2016-10033
- https://github.com/mrash/afl-cve
- https://github.com/opsxcq/exploit-CVE-2016-7434
- https://github.com/q40603/Continuous-Invivo-Fuzz
- https://github.com/shekkbuilder/CVE-2016-7434