7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.4 High
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.082 Low
EPSS
Percentile
94.3%
Aanchal Malhotra discovered that NTP incorrectly handled authenticated
broadcast mode. A remote attacker could use this issue to perform a replay
attack. (CVE-2015-7973)
Matt Street discovered that NTP incorrectly verified peer associations of
symmetric keys. A remote attacker could use this issue to perform an
impersonation attack. (CVE-2015-7974)
Jonathan Gardner discovered that the NTP ntpq utility incorrectly handled
memory. An attacker could possibly use this issue to cause ntpq to crash,
resulting in a denial of service. This issue only affected Ubuntu 16.04
LTS. (CVE-2015-7975)
Jonathan Gardner discovered that the NTP ntpq utility incorrectly handled
dangerous characters in filenames. An attacker could possibly use this
issue to overwrite arbitrary files. (CVE-2015-7976)
Stephen Gray discovered that NTP incorrectly handled large restrict lists.
An attacker could use this issue to cause NTP to crash, resulting in a
denial of service. (CVE-2015-7977, CVE-2015-7978)
Aanchal Malhotra discovered that NTP incorrectly handled authenticated
broadcast mode. A remote attacker could use this issue to cause NTP to
crash, resulting in a denial of service. (CVE-2015-7979)
Jonathan Gardner discovered that NTP incorrectly handled origin timestamp
checks. A remote attacker could use this issue to spoof peer servers.
(CVE-2015-8138)
Jonathan Gardner discovered that the NTP ntpq utility did not properly
handle certain incorrect values. An attacker could possibly use this issue
to cause ntpq to hang, resulting in a denial of service. (CVE-2015-8158)
It was discovered that the NTP cronjob incorrectly cleaned up the
statistics directory. A local attacker could possibly use this to escalate
privileges. (CVE-2016-0727)
Stephen Gray and Matthew Van Gundy discovered that NTP incorrectly
validated crypto-NAKs. A remote attacker could possibly use this issue to
prevent clients from synchronizing. (CVE-2016-1547)
Miroslav Lichvar and Jonathan Gardner discovered that NTP incorrectly
handled switching to interleaved symmetric mode. A remote attacker could
possibly use this issue to prevent clients from synchronizing.
(CVE-2016-1548)
Matthew Van Gundy, Stephen Gray and Loganaden Velvindron discovered that
NTP incorrectly handled message authentication. A remote attacker could
possibly use this issue to recover the message digest key. (CVE-2016-1550)
Yihan Lian discovered that NTP incorrectly handled duplicate IPs on
unconfig directives. An authenticated remote attacker could possibly use
this issue to cause NTP to crash, resulting in a denial of service.
(CVE-2016-2516)
Yihan Lian discovered that NTP incorrectly handled certail peer
associations. A remote attacker could possibly use this issue to cause NTP
to crash, resulting in a denial of service. (CVE-2016-2518)
Jakub Prokes discovered that NTP incorrectly handled certain spoofed
packets. A remote attacker could possibly use this issue to cause a denial
of service. (CVE-2016-4954)
Miroslav Lichvar discovered that NTP incorrectly handled certain packets
when autokey is enabled. A remote attacker could possibly use this issue to
cause a denial of service. (CVE-2016-4955)
Miroslav Lichvar discovered that NTP incorrectly handled certain spoofed
broadcast packets. A remote attacker could possibly use this issue to
cause a denial of service. (CVE-2016-4956)
In the default installation, attackers would be isolated by the NTP
AppArmor profile.
OS | Version | Architecture | Package | Version | Filename |
---|---|---|---|---|---|
Ubuntu | 16.04 | noarch | ntp | < 1:4.2.8p4+dfsg-3ubuntu5.3 | UNKNOWN |
Ubuntu | 16.04 | noarch | ntp-dbgsym | < 1:4.2.8p4+dfsg-3ubuntu5.3 | UNKNOWN |
Ubuntu | 16.04 | noarch | ntp-doc | < 1:4.2.8p4+dfsg-3ubuntu5.3 | UNKNOWN |
Ubuntu | 16.04 | noarch | ntpdate | < 1:4.2.8p4+dfsg-3ubuntu5.3 | UNKNOWN |
Ubuntu | 16.04 | noarch | ntpdate-dbgsym | < 1:4.2.8p4+dfsg-3ubuntu5.3 | UNKNOWN |
Ubuntu | 14.04 | noarch | ntp | < 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 | UNKNOWN |
Ubuntu | 14.04 | noarch | ntp-dbgsym | < 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 | UNKNOWN |
Ubuntu | 14.04 | noarch | ntpdate | < 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 | UNKNOWN |
Ubuntu | 14.04 | noarch | ntpdate-dbgsym | < 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 | UNKNOWN |
Ubuntu | 12.04 | noarch | ntp | < 1:4.2.6.p3+dfsg-1ubuntu3.11 | UNKNOWN |
ubuntu.com/security/CVE-2015-7973
ubuntu.com/security/CVE-2015-7974
ubuntu.com/security/CVE-2015-7975
ubuntu.com/security/CVE-2015-7976
ubuntu.com/security/CVE-2015-7977
ubuntu.com/security/CVE-2015-7978
ubuntu.com/security/CVE-2015-7979
ubuntu.com/security/CVE-2015-8138
ubuntu.com/security/CVE-2015-8158
ubuntu.com/security/CVE-2016-0727
ubuntu.com/security/CVE-2016-1547
ubuntu.com/security/CVE-2016-1548
ubuntu.com/security/CVE-2016-1550
ubuntu.com/security/CVE-2016-2516
ubuntu.com/security/CVE-2016-2518
ubuntu.com/security/CVE-2016-4954
ubuntu.com/security/CVE-2016-4955
ubuntu.com/security/CVE-2016-4956
7.8 High
CVSS3
Attack Vector
LOCAL
Attack Complexity
LOW
Privileges Required
LOW
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
7.4 High
AI Score
Confidence
Low
7.2 High
CVSS2
Access Vector
LOCAL
Access Complexity
LOW
Authentication
NONE
Confidentiality Impact
COMPLETE
Integrity Impact
COMPLETE
Availability Impact
COMPLETE
AV:L/AC:L/Au:N/C:C/I:C/A:C
0.082 Low
EPSS
Percentile
94.3%