PT-2016-4856 · Ntpsec+7 · Ntpsec+7

Jonathan Gardner

Publicado

2016-04-28

Atualizado

2025-04-20

CVE-2016-1548

CVSS v3.1

7.2

Alta

Vetor

AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L

Name of the Vulnerable Software and Affected Versions NTP versions 4.2.8p4 and earlier NTPSec version aa48d001683e5b791a743ec9c575aaf7d867a2b0c

Description An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. This allows the attacker to change the time of an ntpd client or deny service to an ntpd client by forcing it to change from basic client/server mode to interleaved symmetric mode. After making this switch, the client will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed.

Recommendations For NTP versions 4.2.8p4 and earlier, consider updating to a newer version to mitigate the risk. For NTPSec version aa48d001683e5b791a743ec9c575aaf7d867a2b0c, consider updating to a newer version to mitigate the risk. As a temporary workaround, consider restricting access to the ntpd server to minimize the risk of exploitation.

Exploit

Correção

DoS

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-19

Identificadores relacionados

CESA-2016_1141

CVE-2016-1548

DLA-559-1

DSA-3629-1

MGASA-2016-0174

OPENSUSE-SU-2016_1329-1

OPENSUSE-SU-2024:10181-1

RHSA-2016:1141

RHSA-2016:1552

RHSA-2016_1141

SUSE-SU-2016:1278-1

SUSE-SU-2016:1291-1

SUSE-SU-2016:1471-1

SUSE-SU-2016:1568-1

USN-3096-1

Produtos afetados

Centos

Cisco Nexus

Freebsd

Ntp

Ntpsec

Red Hat

Suse

Ubuntu

PT-2016-4856 · Ntpsec+7 · Ntpsec+7

CVE-2016-1548

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 161