#VU10801 Security restrictions bypass in Network Time Protocol - CVE-2018-7170


Vulnerability identifier: #VU10801

Vulnerability risk: Low

CVSSv4.0: 1.3 [CVSS:4.0/AV:N/AC:L/AT:N/PR:L/UI:N/VC:L/VI:L/VA:L/SC:N/SI:N/SA:N/E:U/U:Clear]

CVE-ID: CVE-2018-7170

CWE-ID: CWE-264

Exploitation vector: Network

Exploit availability: No

Vulnerable software:
Network Time Protocol
Server applications / Other server solutions

Vendor: ntp.org

Description
The vulnerability allows a remote authenticated attacker to bypass security restrictions on the target system.

The weakness exists due to insufficient security restrictions. A remote attacker can create multiple crafted ephemeral associations to bypass security restrictions and modify the clock.

Mitigation
Update to version 4.2.8p11.

Vulnerable software versions

Network Time Protocol: 4.2.0a - 4.2.8p10

External links
https://www.ntp.org/downloads.html
https://www.freebsd.org/ports/master-index.html

Q & A

Can this vulnerability be exploited remotely?

Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.

Is there known malware, which exploits this vulnerability?

No. We are not aware of malware exploiting this vulnerability.


Latest bulletins with this vulnerability


Multiple vulnerabilities in IBM AIX
OpenSUSE Linux update for ntp
Amazon Linux AMI update for ntp
Multiple vulnerabilities in IBM AIX
Gentoo update for NTP
Amazon Linux AMI update for ntp
Multiple vulnerabilities in QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module for IBM BladeCenter and IBM Flex System FC3171 8Gb SAN Switch & SAN Pass-thru
Arch Linux update for ntp
FreeBSD update for ntpd
Slackware Linux update for ntp