Mend.io Vulnerability Database

What is a CVE vulnerability ID? icon What is a WS vulnerability ID? icon What is an MSC vulnerability ID? icon
New vulnerability? Tell us about it!
icon

We found results for “

CVE-2016-1548

Good to know:

icon
icon

Date: January 6, 2017

An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.

Language: C

Severity Score

Related Resources (39)

http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html
http://www.talosintelligence.com/reports/TALOS-2016-0082/
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html
http://www.debian.org/security/2016/dsa-3629
https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184669.html
https://www.debian.org/security/2016/dsa-3629
http://www.securityfocus.com/archive/1/538233/100/0/threaded
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
http://www.securitytracker.com/id/1035705
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html
https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0082
http://www.securityfocus.com/archive/1/archive/1/538233/100/0/threaded
https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
https://nvd.nist.gov/vuln/detail/CVE-2016-1548
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.securityfocus.com/bid/88264
https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd
https://security.netapp.com/advisory/ntap-20171004-0002/
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html
https://access.redhat.com/errata/RHSA-2016:1141
http://rhn.redhat.com/errata/RHSA-2016-1552.html
https://access.redhat.com/security/cve/CVE-2016-1548
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.html
https://security-tracker.debian.org/tracker/CVE-2016-1548
https://people.canonical.com/~ubuntu-security/cve/CVE-2016-1548
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
https://security.gentoo.org/glsa/201607-15
https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11
http://www.ubuntu.com/usn/USN-3096-1
https://www.kb.cert.org/vuls/id/718152
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html
https://www.mend.io/vulnerability-database/CVE-2016-1548

Severity Score

Weakness Type (CWE)

Data Handling

CWE-19

Top Fix

icon

Upgrade Version

Upgrade to version NTPsec_0_9_7

Learn More

CVSS v3.1

Base Score:
Attack Vector (AV): NETWORK
Attack Complexity (AC): LOW
Privileges Required (PR): NONE
User Interaction (UI): NONE
Scope (S): CHANGED
Confidentiality (C): NONE
Integrity (I): LOW
Availability (A): LOW

CVSS v2

Base Score:
Access Vector (AV): NETWORK
Access Complexity (AC): LOW
Authentication (AU): NONE
Confidentiality (C): NONE
Integrity (I): PARTIAL
Availability (A): PARTIAL
Additional information:

Do you need more information?

Contact Us