SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   ntp Vendors:   ntp.org
ntpd Flaw Lets Remote Users Modify Time on the Target ntp Service in Certain Cases
SecurityTracker Alert ID:  1034670
SecurityTracker URL:  http://securitytracker.com/id/1034670
CVE Reference:   CVE-2015-5300   (Links to External Site)
Date:  Jan 14 2016
Impact:   Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 4.0 to 4.2.8p5, 4.3.0 to 4.3.78
Description:   A vulnerability was reported in ntp. A remote user that can conduct a man-in-the-middle attack can modify time on the target ntp service.

When ntpd is started with the '-g' option, a remote user that can conduct a man-in-the-middle attack can exploit a threshold limitation flaw to cause the target ntp client to make multiple steps larger than the panic threshold. This can be exploited to set the time to an arbitrary value.

The original advisory is available at:

https://www.cs.bu.edu/~goldbe/NTPattack.html

Aanchal Malhotra, Isaac E. Cohen, Erik Brakke, and Sharon Goldberg of Boston University reported this vulnerability.

Impact:   A remote user that can conduct a man-in-the-middle attack can modify time on the target ntp service.
Solution:   The vendor has issued a fix (4.2.8p5).

[Editor's note: The vulnerability was also fixed in development version 4.3.78 (in November 2015)].

The vendor's advisory is available at:

http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p5_Securit [nofetch]

Vendor URL:  support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p5_Securit (Links to External Site)
Cause:   Access control error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jan 14 2016 (FreeBSD Issues Fix) ntpd Flaw Lets Remote Users Modify Time on the Target ntp Service in Certain Cases
FreeBSD has issued a fix for FreeBSD 9.3, 10.1, and 10.2.
Feb 23 2016 (IBM Issues Fix for IBM AIX) ntpd Flaw Lets Remote Users Modify Time on the Target ntp Service in Certain Cases
IBM has issued a fix for IBM AIX 6.1, 7.1, and 7.2.
Mar 22 2016 (IBM Issues Fix for IBM Security Network Protection) ntpd Flaw Lets Remote Users Modify Time on the Target ntp Service in Certain Cases
IBM has issued a fix for IBM Security Network Protection 5.3.1 and 5.3.2.
Jan 27 2017 (Citrix Issues Fix for Citrix XenServer) ntpd Flaw Lets Remote Users Modify Time on the Target ntp Service in Certain Cases
Citrix has issued a fix for Citrix XenServer.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC