CVE-2018-12327

Name of the Vulnerable Software and Affected Versions NTP version 4.2.8p11 Eltex ESR-200 (affected versions not specified) NTP (affected versions not specified)

Description The issue is related to the implementation of the NTP protocol, which can lead to security restrictions being bypassed. An attacker could exploit this by creating many ephemeral associations to win the clock selection of ntpd and modify a victim's clock. Additionally, there is a stack-based buffer overflow in ntpq and ntpdc, allowing an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter.

Recommendations For NTP version 4.2.8p11, consider updating to a newer version that addresses the stack-based buffer overflow issue. For Eltex ESR-200, restrict access to the NTP protocol implementation to minimize the risk of exploitation due to the uncontrolled resource consumption vulnerability. For NTP, to mitigate the Sybil attack vulnerability, consider implementing restrictions on the creation of ephemeral associations to prevent an attacker from winning the clock selection of ntpd. At the moment, there is no information about a newer version that contains a fix for this vulnerability in all cases.