Lucene search

Talos IntelligenceTALOS-2015-0055

HistoryOct 21, 2015 - 12:00 a.m.

Network Time Protocol Remote Configuration Denial of Service Vulnerability

2015-10-2100:00:00

Talos Intelligence

www.talosintelligence.com

6.5 Medium

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

4 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

SINGLE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:S/C:N/I:N/A:P

0.009 Low

EPSS

Percentile

82.1%

JSON

Talos Vulnerability Report

TALOS-2015-0055

Network Time Protocol Remote Configuration Denial of Service Vulnerability

October 21, 2015

CVE Number

CVE-2015-7850

Description

An exploitable denial of service vulnerability exists in the remote configuration functionality of the Network Time Protocol. A specially crafted configuration file could cause an endless loop resulting in a denial of service. An attacker could provide a the malicious configuration file to trigger this vulnerability.

Tested Versions

ntp 4.2.8p2

Product URLs

<http://www.ntp.org>

Details

When sending a remote configuration file, an attacker can enable extended logging via the logconfig=allall setting. An attacker can also set the keys file when specifying this remote configuration. If the attacker sets the keys file to be the log file, the key parsing will go into an endless loop. NTP will log an invalid key in parsing, and will then subsequently parse that line as a key and again log the error, continuing in an infinite loop.