Vulnslist

Network Time Protocol Daemon Symmetric Mode Packet Processing Denial of Service Vulnerability

Cisco-SA-20150408-CVE-2015-1799 · Medium · Published 11 years ago · Updated 11 years ago

A vulnerability in ntpd could allow an unauthenticated, adjacent attacker to cause a denial of service (DoS) condition on an affected system. The vulnerability is due to improper processing of Network Time Protocol (NTP) packets when handling symmetric key authentication failures. An attacker could exploit this vulnerability by conducting a man-in-the-middle attack to periodically transmit crafted NTP packets with set NTP state variables. An exploit could allow the attacker to disrupt communication between NTP hosts, preventing synchronization and leading to a DoS condition for legitimate users. NTP.org has confirmed this vulnerability in a security advisory and released software updates. To exploit this vulnerability, an attacker may require access to trusted, internal networks to send crafted requests to the affected software. This access requirement could limit the likelihood of a successful exploit. An attacker may attempt to perform a man-in-the-middle attack to send crafted packets to the targeted device in an attempt to exploit this vulnerability. Reports indicate that systems that are configured to use the symmetric key authentication mechanism are affected.

Cisco advisory · CSAF JSON

Workarounds

Related Products