CVE-2016-1548

An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.
References
Link Resource
http://www.talosintelligence.com/reports/TALOS-2016-0082/ Exploit Third Party Advisory
http://www.securityfocus.com/bid/88264
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
https://security.gentoo.org/glsa/201607-15
http://www.securitytracker.com/id/1035705
http://www.debian.org/security/2016/dsa-3629
https://security.netapp.com/advisory/ntap-20171004-0002/
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc
https://access.redhat.com/errata/RHSA-2016:1141
http://rhn.redhat.com/errata/RHSA-2016-1552.html
https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf
http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html
http://www.securityfocus.com/archive/1/538233/100/0/threaded
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
https://www.debian.org/security/2016/dsa-3629
https://www.kb.cert.org/vuls/id/718152
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184669.html
http://www.ubuntu.com/usn/USN-3096-1
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.html
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0082
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd
http://www.securityfocus.com/archive/1/archive/1/538233/100/0/threaded
https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

cpe:2.3:a:ntp:ntp:4.2.8:p4:*:*:*:*:*:*

Information

Published : 2017-01-06 13:59

Updated : 2021-11-17 14:15


NVD link : CVE-2016-1548

Mitre link : CVE-2016-1548


JSON object : View

CWE
CWE-19

Data Processing Errors

Advertisement

dedicated server usa

Products Affected

ntp

  • ntp