NTP BUG 3044: Processing spoofed server packets (original) (raw)
Last update: April 22, 2024 18:49 UTC (7e7bd5857)
Summary
| Resolved | 4.2.8p8 | 02 June 2016 |
|---|---|---|
| References | Bug 3044 | CVE-2016-4954 |
| Affects | ntp-4, up to but not including ntp-4.2.8p8, and ntp-4.3.0 up to, but not including ntp-4.3.93. | Resolved in 4.2.8p8 |
| CVSS2 Score | LOW 2.6 | AV:N/AC:H/Au:N/C:N/I:N/A:P |
| CVSS3 Score | LOW 3.7 | CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L |
Description
An attacker who is able to spoof packets with correct origin timestamps from enough servers before the expected response packets arrive at the target machine can affect some peer variables and, for example, cause a false leap indication to be set.
Mitigation
- Implement BCP-38.
- Upgrade to 4.2.8p8 or later.
- Properly monitor your
ntpdinstances, and auto-restartntpd(without-g) if it stops running.
Credit
This weakness was discovered by Jakub Prokes of Red Hat.
Timeline
- 2016 Jun 02: Public release
- 2016 May 24: Early Access Program Release: Premier and Partner Institutional Members
- : Notification to Institutional Members
- : Report received