#VU10806 Security restrictions bypass in Network Time Protocol


Published: 2018-03-01

Vulnerability identifier: #VU10806

Vulnerability risk: Low

CVSSv3.1: 6.4 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L/E:U/RL:O/RC:C]

CVE-ID: CVE-2016-1549

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Network Time Protocol
Server applications / Other server solutions

Vendor: ntp.org

Description
The vulnerability allows a remote attacker to bypass security restrictions on the target system.

The weakness exists due to insufficient security restrictions. A remote attacker can create multiple crafted ephemeral associations to bypass security restrictions and modify the clock.

Mitigation
Install update from vendor's website.

Vulnerable software versions

Network Time Protocol: 4.2.0a - 4.3.70

External links
http://support.ntp.org/bin/view/Main/NtpBug3012

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Amazon Linux AMI update for ntp
Slackware Linux update for ntp
Multiple vulnerabilities in IBM AIX
Amazon Linux AMI update for ntp
Arch Linux update for ntp
Slackware Linux update for ntp
Multiple vulnerabilities in Network Time Protocol