Improper input validation in Network Time Protocol

#VU10803 Improper input validation in Network Time Protocol

Published: 2018-03-01

Vulnerability identifier: #VU10803

Vulnerability risk: Low

CVSSv3.1: 2.7 [CVSS:3.1/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2018-7185

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Network Time Protocol
Server applications / Other server solutions

Vendor: ntp.org

Description
The vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.

The weakness exists due to insufficient validation of user-supplied input. A remote attacker can submit continuous crafted packets and cause the service to crash.

Mitigation
Update to version ntp-4.2.8p11 or later.

Vulnerable software versions

Network Time Protocol: 4.2.6 - 4.2.8p10

External links
http://www.ntp.org/downloads.html
http://www.freebsd.org/ports/master-index.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.

Latest bulletins with this vulnerability

Multiple vulnerabilities in IBM AIX

Gentoo update for NTP

Amazon Linux AMI update for ntp

Arch Linux update for ntp

FreeBSD update for ntpd

Slackware Linux update for ntp

Multiple vulnerabilities in Network Time Protocol