Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

redhat логотип

CVE-2016-1548

Опубликовано: 26 апр. 2016
Источник: redhat
CVSS2: 6.4
EPSS Низкий

Описание

An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.

It was found that an ntpd client could be forced to change from basic client/server mode to the interleaved symmetric mode. A remote attacker could use a spoofed packet that, when processed by an ntpd client, would cause that client to reject all future legitimate server responses, effectively disabling time synchronization on that client.

Затронутые пакеты

ПлатформаПакетСостояниеРекомендацияРелиз
Red Hat Enterprise Linux 5ntpNot affected
Red Hat Enterprise Linux 6ntpFixedRHSA-2016:114131.05.2016
Red Hat Enterprise Linux 6.7 Extended Update SupportntpFixedRHSA-2016:155203.08.2016
Red Hat Enterprise Linux 7ntpFixedRHSA-2016:114131.05.2016

Показывать по

Ссылки на источники

Дополнительная информация

Статус:

Moderate
https://bugzilla.redhat.com/show_bug.cgi?id=1331462ntp: ntpd switching to interleaved mode with spoofed packets

EPSS

Процентиль: 81%
0.01653
Низкий

6.4 Medium

CVSS2

Связанные уязвимости

ubuntu логотип

CVE-2016-1548

CVSS3: 7.2
ubuntu
больше 8 лет назад

An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.

nvd логотип

CVE-2016-1548

CVSS3: 7.2
nvd
больше 8 лет назад

An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.

debian логотип

CVE-2016-1548

CVSS3: 7.2
debian
больше 8 лет назад

An attacker can spoof a packet from a legitimate ntpd server with an o ...

github логотип

GHSA-fp4r-m88r-wmm8

CVSS3: 7.2
github
больше 3 лет назад

An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.

oracle-oval логотип

ELSA-2016-1141

oracle-oval
около 9 лет назад

ELSA-2016-1141: ntp security update (MODERATE)

EPSS

Процентиль: 81%
0.01653
Низкий

6.4 Medium

CVSS2

Уязвимость CVE-2016-1548