#VU54022 Input validation error


Published: 2021-06-10

Vulnerability identifier: #VU54022

Vulnerability risk: Medium

CVSSv3.1: 4.6 [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N/E:U/RL:O/RC:C]

CVE-ID: CVE-2015-8138

CWE-ID: CWE-20

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
ntp
Server applications / Other server solutions

Vendor: ntp.org

Description

The vulnerability allows a remote attacker to compromise the target system.

The vulnerability exists due to insufficient validation of user-supplied input. A remote attacker can bypass the origin timestamp validation via a packet with an origin timestamp set to zero.

Mitigation
Install updates from vendor's website.

Vulnerable software versions

ntp: 4.2.8p1, 4.2.8p2, 4.2.8p3, 4.2.8p4, 4.2.8p5, 4.3.0, 4.3.1, 4.3.2, 4.3.3, 4.3.4, 4.3.5, 4.3.6, 4.3.7, 4.3.8, 4.3.9, 4.3.10, 4.3.11, 4.3.12, 4.3.13, 4.3.14, 4.3.15, 4.3.16, 4.3.17, 4.3.18, 4.3.19, 4.3.20, 4.3.21, 4.3.22, 4.3.23, 4.3.24, 4.3.25, 4.3.26, 4.3.27, 4.3.28, 4.3.29, 4.3.30, 4.3.31, 4.3.32, 4.3.33, 4.3.34, 4.3.35, 4.3.36, 4.3.37, 4.3.38, 4.3.39, 4.3.40, 4.3.41, 4.3.42, 4.3.43, 4.3.44, 4.3.45, 4.3.46, 4.3.47, 4.3.48, 4.3.49, 4.3.50, 4.3.51, 4.3.52, 4.3.53, 4.3.54, 4.3.55, 4.3.56, 4.3.57, 4.3.58, 4.3.59, 4.3.60, 4.3.61, 4.3.62, 4.3.63, 4.3.64, 4.3.65, 4.3.66, 4.3.67, 4.3.68, 4.3.69, 4.3.70, 4.3.71, 4.3.72, 4.3.73, 4.3.74, 4.3.75, 4.3.76, 4.3.77, 4.3.78, 4.3.79, 4.3.80, 4.3.81, 4.3.82, 4.3.83, 4.3.84, 4.3.85, 4.3.86, 4.3.87, 4.3.88, 4.3.89

CPE

External links
https://www.kb.cert.org/vuls/id/718152
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd
https://security.gentoo.org/glsa/201607-15
https://bto.bluecoat.com/security-advisory/sa113
http://www.ubuntu.com/usn/USN-3096-1
http://www.securitytracker.com/id/1034782
http://www.securityfocus.com/bid/81811
http://www.debian.org/security/2016/dsa-3629
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
http://rhn.redhat.com/errata/RHSA-2016-0063.html
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us
https://security.netapp.com/advisory/ntap-20171031-0001/
https://security.netapp.com/advisory/ntap-20171004-0002/
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf


Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability