#VU10801 Security restrictions bypass in Network Time Protocol


Published: 2018-03-01

Vulnerability identifier: #VU10801

Vulnerability risk: Low

CVSSv3.1: 5.5 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-7170

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Network Time Protocol
Server applications / Other server solutions

Vendor: ntp.org

Description
The vulnerability allows a remote authenticated attacker to bypass security restrictions on the target system.

The weakness exists due to insufficient security restrictions. A remote attacker can create multiple crafted ephemeral associations to bypass security restrictions and modify the clock.

Mitigation
Update to version 4.2.8p11.

Vulnerable software versions

Network Time Protocol: 4.2.0a - 4.2.8p10

External links
http://www.ntp.org/downloads.html
http://www.freebsd.org/ports/master-index.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in IBM AIX
OpenSUSE Linux update for ntp
Amazon Linux AMI update for ntp
Multiple vulnerabilities in IBM AIX
Gentoo update for NTP
Amazon Linux AMI update for ntp
Arch Linux update for ntp
FreeBSD update for ntpd
Slackware Linux update for ntp
Multiple vulnerabilities in Network Time Protocol