#VU10798 Information disclosure in Network Time Protocol - CVE-2018-7182

Cybersecurity Help s.r.o.

Published: 2018-03-01 | Updated: 2021-06-17

Vulnerability identifier: #VU10798

Vulnerability risk: Low

CVSSv4.0: 5.5 [CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:L/VI:N/VA:N/SC:N/SI:N/SA:N/E:P/U:Clear]

CVE-ID: CVE-2018-7182

CWE-ID: CWE-200

Exploitation vector: Network

Exploit availability: Yes

Vulnerable software:
Network Time Protocol
Server applications / Other server solutions

Vendor: ntp.org

Description

The vulnerability allows a remote unautheticated attacker to obtain potentially sensitive information.

The weakness exists due to insufficient validation user-supplied input. A remote attacker can submit a specially crafted mode 6 packet and gain access to potentially sensitive information.

Mitigation

Update to version ntp-4.2.8p11.

Vulnerable software versions

Network Time Protocol: 4.2.8p6 - 4.2.8p10

External links
https://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S
https://www.ntp.org/downloads.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote non-authenticated attacker via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability. However, proof of concept for this vulnerability is available.

Latest bulletins with this vulnerability

Ubuntu update for ntp

Multiple vulnerabilities in IBM AIX

Gentoo update for NTP

Amazon Linux AMI update for ntp

Multiple vulnerabilities in QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module for IBM BladeCenter and IBM Flex System FC3171 8Gb SAN Switch & SAN Pass-thru

Multiple vulnerabilities in IBM Flex System Chassis Management Module (CMM)

Multiple vulnerabilities in IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter Systems

Arch Linux update for ntp

FreeBSD update for ntpd