Denial of service in Network Time Protocol

#VU10799 Denial of service in Network Time Protocol

Published: 2018-03-01

Vulnerability identifier: #VU10799

Vulnerability risk: Low

CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-7184

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Network Time Protocol
Server applications / Other server solutions

Vendor: ntp.org

Description
The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to insufficient security restrictions. A remote attacker can cause interleaved symmetric mode to crash.

Mitigation
Update to version 4.2.8p11 or later.

Vulnerable software versions

Network Time Protocol: 4.2.8p6 - 4.2.8p10

External links
http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
http://support.ntp.org/bin/view/Main/NtpBug3453

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM AIX

Gentoo update for NTP

Amazon Linux AMI update for ntp

Arch Linux update for ntp

FreeBSD update for ntpd

Slackware Linux update for ntp

Multiple vulnerabilities in Network Time Protocol