ID

VAR-201701-0421


CVE

CVE-2016-1549


TITLE

NTP.org ntpd contains multiple vulnerabilities

Trust: 0.8

sources: CERT/CC: VU#718152

DESCRIPTION

A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock. The NTP.org reference implementation of ntpd contains multiple vulnerabilities. NTP is prone to a remote security vulnerability. Successful exploits will allow attackers to bypass certain security restrictions and perform some unauthorized actions to the application. This may aid in further attacks. Versions prior to NTP 4.2.8p7 and 4.3.x versions prior to 4.3.92 are vulnerable. - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Gentoo Linux Security Advisory GLSA 201607-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - https://security.gentoo.org/ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Severity: Normal Title: NTP: Multiple vulnerabilities Date: July 20, 2016 Bugs: #563774, #572452, #581528, #584954 ID: 201607-15 - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - Synopsis ======== Multiple vulnerabilities have been found in NTP, the worst of which could lead to Denial of Service. Background ========== NTP contains software for the Network Time Protocol. Affected packages ================= ------------------------------------------------------------------- Package / Vulnerable / Unaffected ------------------------------------------------------------------- 1 net-misc/ntp < 4.2.8_p8 >= 4.2.8_p8 Description =========== Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced below for details. Impact ====== A remote attacker could possibly cause a Denial of Service condition. Workaround ========== There is no known workaround at this time. Resolution ========== All NTP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose ">=net-misc/ntp-4.2.8_p8" References ========== [ 1 ] CVE-2015-7691 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7691 [ 2 ] CVE-2015-7692 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7692 [ 3 ] CVE-2015-7701 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7701 [ 4 ] CVE-2015-7702 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7702 [ 5 ] CVE-2015-7703 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7703 [ 6 ] CVE-2015-7704 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7704 [ 7 ] CVE-2015-7705 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7705 [ 8 ] CVE-2015-7848 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7848 [ 9 ] CVE-2015-7849 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7849 [ 10 ] CVE-2015-7850 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7850 [ 11 ] CVE-2015-7851 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7851 [ 12 ] CVE-2015-7852 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7852 [ 13 ] CVE-2015-7853 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7853 [ 14 ] CVE-2015-7854 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7854 [ 15 ] CVE-2015-7855 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7855 [ 16 ] CVE-2015-7871 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7871 [ 17 ] CVE-2015-7973 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7973 [ 18 ] CVE-2015-7974 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7974 [ 19 ] CVE-2015-7975 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7975 [ 20 ] CVE-2015-7976 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7976 [ 21 ] CVE-2015-7977 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7977 [ 22 ] CVE-2015-7978 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7978 [ 23 ] CVE-2015-7979 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-7979 [ 24 ] CVE-2015-8138 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8138 [ 25 ] CVE-2015-8139 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8139 [ 26 ] CVE-2015-8140 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8140 [ 27 ] CVE-2015-8158 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-8158 [ 28 ] CVE-2016-1547 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1547 [ 29 ] CVE-2016-1548 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1548 [ 30 ] CVE-2016-1549 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1549 [ 31 ] CVE-2016-1550 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1550 [ 32 ] CVE-2016-1551 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-1551 [ 33 ] CVE-2016-2516 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2516 [ 34 ] CVE-2016-2517 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2517 [ 35 ] CVE-2016-2518 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2518 [ 36 ] CVE-2016-2519 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-2519 [ 37 ] CVE-2016-4953 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4953 [ 38 ] CVE-2016-4954 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4954 [ 39 ] CVE-2016-4955 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4955 [ 40 ] CVE-2016-4956 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4956 [ 41 ] CVE-2016-4957 http://nvd.nist.gov/nvd.cfm?cvename=CVE-2016-4957 Availability ============ This GLSA and any updates to it are available for viewing at the Gentoo Security Website: https://security.gentoo.org/glsa/201607-15 Concerns? ========= Security is a primary focus of Gentoo Linux and ensuring the confidentiality and security of our users' machines is of utmost importance to us. Any security concerns should be addressed to security@gentoo.org or alternatively, you may file a bug at https://bugs.gentoo.org. License ======= Copyright 2016 Gentoo Foundation, Inc; referenced text belongs to its owner(s). The contents of this document are licensed under the Creative Commons - Attribution / Share Alike license. http://creativecommons.org/licenses/by-sa/2.5 . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] ntp (SSA:2018-060-02) New ntp packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/ntp-4.2.8p11-i586-1_slack14.2.txz: Upgraded. This release addresses five security issues in ntpd: * LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU#961909: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. Reported by Matt Van Gundy of Cisco. * INFO/MEDIUM: Sec 3412 / CVE-2018-7182 / VU#961909: ctl_getitem(): buffer read overrun leads to undefined behavior and information leak. Reported by Yihan Lian of Qihoo 360. * LOW: Sec 3415 / CVE-2018-7170 / VU#961909: Multiple authenticated ephemeral associations. Reported on the questions@ list. * LOW: Sec 3453 / CVE-2018-7184 / VU#961909: Interleaved symmetric mode cannot recover from bad state. Reported by Miroslav Lichvar of Red Hat. * LOW/MEDIUM: Sec 3454 / CVE-2018-7185 / VU#961909: Unauthenticated packet can reset authenticated interleaved association. Reported by Miroslav Lichvar of Red Hat. For more information, see: http://support.ntp.org/bin/view/Main/SecurityNotice#February_2018_ntp_4_2_8p11_NTP_S https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1549 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7182 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7170 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7184 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7185 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ntp-4.2.8p11-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ntp-4.2.8p11-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/ntp-4.2.8p11-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/ntp-4.2.8p11-x86_64-1_slack14.1.txz Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/ntp-4.2.8p11-i586-1_slack14.2.txz Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/ntp-4.2.8p11-x86_64-1_slack14.2.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/ntp-4.2.8p11-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/ntp-4.2.8p11-x86_64-1.txz MD5 signatures: +-------------+ Slackware 14.0 package: 01c86ddfabec68d52877336258d064c7 ntp-4.2.8p11-i486-1_slack14.0.txz Slackware x86_64 14.0 package: b2d36d96f9a4d84df3586d38b8b47389 ntp-4.2.8p11-x86_64-1_slack14.0.txz Slackware 14.1 package: 78b4e9221e725dcb45160950bfc926d0 ntp-4.2.8p11-i486-1_slack14.1.txz Slackware x86_64 14.1 package: e0d32ed484e02ad28c59838e6407d549 ntp-4.2.8p11-x86_64-1_slack14.1.txz Slackware 14.2 package: 81690d8e511b403f0fe89c1d120f5049 ntp-4.2.8p11-i586-1_slack14.2.txz Slackware x86_64 14.2 package: d2c877e3d1b9c7ce003ef090c7610c74 ntp-4.2.8p11-x86_64-1_slack14.2.txz Slackware -current package: c3ee95d3944b09c2e891883dc5411a6f n/ntp-4.2.8p11-i586-1.txz Slackware x86_64 -current package: fa9c7a8aca0c769791e34a8e48e6d260 n/ntp-4.2.8p11-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg ntp-4.2.8p11-i586-1_slack14.2.txz Then, restart the NTP daemon: # sh /etc/rc.d/rc.ntpd restart +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- iEYEARECAAYFAlqYjI8ACgkQakRjwEAQIjM5rACfdDAWRxL2nQATj8HFDPgCVInK 13MAnR04OluKfiEsJVgO6uWJKXy2HOGq =FRx7 -----END PGP SIGNATURE----- . Edge-case hole reported by Martin Burnicki of Meinberg. And fixes another security issue in ntpq and ntpdc: LOW: Sec 3505: The openhost() function used during command-line hostname processing by ntpq and ntpdc can write beyond its buffer limit, which could allow an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which ntpq or ntpdc is used with a command line from an untrusted source

Trust: 3.06

sources: NVD: CVE-2016-1549 // CERT/CC: VU#718152 // JVNDB: JVNDB-2016-006650 // BID: 88200 // VULMON: CVE-2016-1549 // PACKETSTORM: 137992 // PACKETSTORM: 146631 // PACKETSTORM: 136864 // PACKETSTORM: 148988

AFFECTED PRODUCTS

vendor:ntpmodel:ntpscope:eqversion:4.2.8

Trust: 1.9

vendor:ntpmodel: - scope: - version: -

Trust: 0.8

vendor:ntpmodel:ntpscope:lteversion:4.2.8p4

Trust: 0.8

vendor:slackwaremodel:linuxscope:eqversion:14.1

Trust: 0.3

vendor:slackwaremodel:linux x86 64 -currentscope: - version: -

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:14.1

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:14.0

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:14.0

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:13.37

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:13.37

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:13.1

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:13.1

Trust: 0.3

vendor:slackwaremodel:linux x86 64scope:eqversion:13.0

Trust: 0.3

vendor:slackwaremodel:linuxscope:eqversion:13.0

Trust: 0.3

vendor:slackwaremodel:linux -currentscope: - version: -

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.3.90

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.3.25

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.3

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.2.6

Trust: 0.3

vendor:ntpmodel:p74scope:eqversion:4.2.5

Trust: 0.3

vendor:ntpmodel:p153scope:eqversion:4.2.5

Trust: 0.3

vendor:ntpmodel:p150scope:eqversion:4.2.5

Trust: 0.3

vendor:ntpmodel:p8scope:eqversion:4.2.4

Trust: 0.3

vendor:ntpmodel:p7scope:eqversion:4.2.4

Trust: 0.3

vendor:ntpmodel:p6scope:eqversion:4.2.4

Trust: 0.3

vendor:ntpmodel:p5scope:eqversion:4.2.4

Trust: 0.3

vendor:ntpmodel:p4scope:eqversion:4.2.4

Trust: 0.3

vendor:ntpmodel:p4scope:eqversion:4.2.2

Trust: 0.3

vendor:ntpmodel:p1scope:eqversion:4.2.2

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.1.2

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.3.77

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.3.70

Trust: 0.3

vendor:ntpmodel:4.2.8p6scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.8p5scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.8p4scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.8p3scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.8p2scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.8p1scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.7p366scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.7p111scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.7p11scope: - version: -

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.2.7

Trust: 0.3

vendor:ntpmodel:4.2.5p3scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.5p186scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.0.ascope: - version: -

Trust: 0.3

vendor:ibmmodel:lotus protector for mail securityscope:eqversion:2.80

Trust: 0.3

vendor:ibmmodel:lotus protector for mail securityscope:eqversion:2.8.1.0

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.20

Trust: 0.3

vendor:ibmmodel:flex system managerscope:eqversion:1.3.4.0

Trust: 0.3

vendor:ciscomodel:wap371 wireless access pointscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:visual quality experience tools serverscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:visual quality experience serverscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:virtual security gateway for microsoft hyper-vscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:videoscape control suitescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:video distribution suite for internet streamingscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:video delivery system recorderscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unity expressscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified computing system e-series blade serverscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified communications manager session management editionscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:unified communications managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ucs directorscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:ucs centralscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence video communication serverscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence sx seriesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence profile seriesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence mx seriesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence isdn linkscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence integrator c seriesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence exchange systemscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence ex seriesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:telepresence conductorscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:support centralscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:standalone rack server cimcscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:small business series wireless access pointsscope:eqversion:5000

Trust: 0.3

vendor:ciscomodel:small business series wireless access pointsscope:eqversion:3210

Trust: 0.3

vendor:ciscomodel:small business series wireless access pointsscope:eqversion:1210

Trust: 0.3

vendor:ciscomodel:show and sharescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:sentinelscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:scosscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime service catalog virtual appliancescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime license managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime infrastructure standalone plug and play gatewayscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime infrastructurescope:eqversion: -

Trust: 0.3

vendor:ciscomodel:prime collaboration assurancescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime access registrar appliancescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:prime access registrarscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:physical access managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:onepk all-in-one vmscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:nexus series switchesscope:eqversion:90000

Trust: 0.3

vendor:ciscomodel:network device security assessmentscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:network analysis modulescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:nac serverscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:nac guest serverscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:nac appliancescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:meetingplacescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:mediasensescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:media experience enginesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:management heartbeat serverscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:jabber guestscope:eqversion:10.0(2)

Trust: 0.3

vendor:ciscomodel:intrusion prevention system solutionsscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:im and presence servicescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:identity services enginescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:hosted collaboration mediation fulfillmentscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:expressway seriesscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:enterprise content delivery systemscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:emergency responderscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:edge digital media playerscope:eqversion:3400

Trust: 0.3

vendor:ciscomodel:edge digital media playerscope:eqversion:3000

Trust: 0.3

vendor:ciscomodel:digital media managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:dcm series 9900-digital content managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:content security appliance updater serversscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:connected grid routersscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:common services platform collectorscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:cloud object storescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:clean access managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:application policy infrastructure controllerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:asa cx and cisco prime security managerscope:eqversion:0

Trust: 0.3

vendor:ciscomodel:access registrar appliancescope:eqversion:0

Trust: 0.3

vendor:ciscomodel:industrial routerscope:eqversion:9100

Trust: 0.3

vendor:ciscomodel:series ip phones vpn featurescope:eqversion:8800-0

Trust: 0.3

vendor:ntpmodel:ntpscope:neversion:4.3.92

Trust: 0.3

vendor:ntpmodel:4.2.8p7scope:neversion: -

Trust: 0.3

vendor:ntpmodel:4.2.8p11scope:neversion: -

Trust: 0.3

sources: CERT/CC: VU#718152 // BID: 88200 // JVNDB: JVNDB-2016-006650 // CNNVD: CNNVD-201604-604 // NVD: CVE-2016-1549

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2016-1549
value: MEDIUM

Trust: 1.0

NVD: CVE-2016-1549
value: MEDIUM

Trust: 0.8

CNNVD: CNNVD-201604-604
value: MEDIUM

Trust: 0.6

VULMON: CVE-2016-1549
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2016-1549
severity: MEDIUM
baseScore: 4.0
vectorString: AV:N/AC:L/AU:S/C:N/I:P/A:N
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: NONE
integrityImpact: PARTIAL
availabilityImpact: NONE
exploitabilityScore: 8.0
impactScore: 2.9
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

nvd@nist.gov: CVE-2016-1549
baseSeverity: MEDIUM
baseScore: 6.5
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: NONE
integrityImpact: HIGH
availabilityImpact: NONE
exploitabilityScore: 2.8
impactScore: 3.6
version: 3.0

Trust: 1.8

sources: VULMON: CVE-2016-1549 // JVNDB: JVNDB-2016-006650 // CNNVD: CNNVD-201604-604 // NVD: CVE-2016-1549

PROBLEMTYPE DATA

problemtype:CWE-19

Trust: 1.8

problemtype:CWE-362

Trust: 0.8

sources: JVNDB: JVNDB-2016-006650 // NVD: CVE-2016-1549

THREAT TYPE

remote

Trust: 0.6

sources: CNNVD: CNNVD-201604-604

TYPE

lack of information

Trust: 0.6

sources: CNNVD: CNNVD-201604-604

CONFIGURATIONS

sources: JVNDB: JVNDB-2016-006650

PATCH

title:Oracle Solaris Third Party Bulletin - April 2016url:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Trust: 0.8

title:April 2016 ntp-4.2.8p7 Security Vulnerability Announcement (Medium)url:http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security

Trust: 0.8

title:TALOS-2016-0083url:http://www.talosintelligence.com/reports/TALOS-2016-0083/

Trust: 0.8

title:ntpd Security vulnerabilitiesurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=61287

Trust: 0.6

title:Red Hat: CVE-2016-1549url:https://vulmon.com/vendoradvisory?qidtp=red_hat_cve_database&qid=CVE-2016-1549

Trust: 0.1

title:Arch Linux Issues: url:https://vulmon.com/vendoradvisory?qidtp=arch_linux_issues&qid=CVE-2016-1549

Trust: 0.1

title:Arch Linux Advisories: [ASA-201803-11] ntp: multiple issuesurl:https://vulmon.com/vendoradvisory?qidtp=arch_linux_advisories&qid=ASA-201803-11

Trust: 0.1

title:Amazon Linux AMI: ALAS-2018-1009url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2018-1009

Trust: 0.1

title:Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2019url:https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=4ee609eeae78bbbd0d0c827f33a7f87f

Trust: 0.1

title:Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2016url:https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=976a4da35d55283870dbb31b88a6c655

Trust: 0.1

title:The Registerurl:https://www.theregister.co.uk/2016/04/28/time_for_a_patch_six_vulns_fixed_in_ntp_daemon/

Trust: 0.1

sources: VULMON: CVE-2016-1549 // JVNDB: JVNDB-2016-006650 // CNNVD: CNNVD-201604-604

EXTERNAL IDS

db:NVDid:CVE-2016-1549

Trust: 3.2

db:CERT/CCid:VU#718152

Trust: 2.6

db:TALOSid:TALOS-2016-0083

Trust: 1.7

db:BIDid:88200

Trust: 1.4

db:SECTRACKid:1035705

Trust: 1.1

db:JVNid:JVNVU91176422

Trust: 0.8

db:JVNDBid:JVNDB-2016-006650

Trust: 0.8

db:CNNVDid:CNNVD-201604-604

Trust: 0.6

db:VULMONid:CVE-2016-1549

Trust: 0.1

db:PACKETSTORMid:137992

Trust: 0.1

db:PACKETSTORMid:146631

Trust: 0.1

db:PACKETSTORMid:136864

Trust: 0.1

db:PACKETSTORMid:148988

Trust: 0.1

sources: CERT/CC: VU#718152 // VULMON: CVE-2016-1549 // BID: 88200 // JVNDB: JVNDB-2016-006650 // PACKETSTORM: 137992 // PACKETSTORM: 146631 // PACKETSTORM: 136864 // PACKETSTORM: 148988 // CNNVD: CNNVD-201604-604 // NVD: CVE-2016-1549

REFERENCES

url:https://www.kb.cert.org/vuls/id/718152

Trust: 1.8

url:http://www.talosintelligence.com/reports/talos-2016-0083/

Trust: 1.7

url:http://support.ntp.org/bin/view/main/securitynotice#april_2016_ntp_4_2_8p7_security

Trust: 1.4

url:https://security.gentoo.org/glsa/201607-15

Trust: 1.2

url:http://www.securityfocus.com/bid/88200

Trust: 1.1

url:http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Trust: 1.1

url:http://www.securitytracker.com/id/1035705

Trust: 1.1

url:https://security.netapp.com/advisory/ntap-20171004-0002/

Trust: 1.1

url:https://security.freebsd.org/advisories/freebsd-sa-16:16.ntp.asc

Trust: 1.1

url:https://www.synology.com/support/security/synology_sa_18_13

Trust: 1.1

url:https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbux03962en_us

Trust: 1.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1549

Trust: 1.1

url:http://support.ntp.org/bin/view/main/ntpbug3012

Trust: 0.9

url:http://support.ntp.org/bin/view/main/securitynotice#january_2016_ntp_4_2_8p6_securit

Trust: 0.8

url:http://jvn.jp/vu/jvnvu91176422/

Trust: 0.8

url:http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2016-1549

Trust: 0.8

url:http://www.ntp.org/

Trust: 0.3

url:https://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20160428-ntpd

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=isg3t1024073

Trust: 0.3

url:http://support.ntp.org/bin/view/main/ntpbug3012p12

Trust: 0.3

url:http://www-01.ibm.com/support/docview.wss?uid=swg21983803

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-1549

Trust: 0.3

url:http://slackware.com

Trust: 0.3

url:http://osuosl.org)

Trust: 0.3

url:http://slackware.com/gpg-key

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2015-8138

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2015-7704

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2016-1547

Trust: 0.2

url:https://cwe.mitre.org/data/definitions/19.html

Trust: 0.1

url:https://tools.cisco.com/security/center/viewalert.x?alertid=56951

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7871

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7702

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7705

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1549

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7702

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7849

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7852

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7978

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-8140

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7855

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7978

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7852

Trust: 0.1

url:https://security.gentoo.org/

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1551

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2516

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7975

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7848

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7973

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7979

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-8139

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8158

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4954

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4956

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7973

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7853

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7701

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7704

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8140

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7974

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7691

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8139

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4957

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7703

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7855

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4955

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7849

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7854

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7703

Trust: 0.1

url:http://creativecommons.org/licenses/by-sa/2.5

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7705

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2517

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1548

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7691

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1547

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-8158

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7854

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7853

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2519

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-2518

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7851

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7692

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7871

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7977

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7848

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7977

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-1550

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7850

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7850

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7701

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7692

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-8138

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7979

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7974

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7851

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2016-4953

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7975

Trust: 0.1

url:https://bugs.gentoo.org.

Trust: 0.1

url:http://nvd.nist.gov/nvd.cfm?cvename=cve-2015-7976

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2015-7976

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7182

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7185

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-7170

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-7185

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-7184

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7184

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-7182

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-7170

Trust: 0.1

url:http://support.ntp.org/bin/view/main/securitynotice#february_2018_ntp_4_2_8p11_ntp_s

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2516

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-7704

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1551

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1548

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2519

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2516

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2517

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2519

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-1550

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1547

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2015-8138

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2518

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1551

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1550

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2518

Trust: 0.1

url:http://support.ntp.org/bin/view/main/securitynotice#recent_vulnerabilities

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-2517

Trust: 0.1

url:http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-1548

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2018-12327

Trust: 0.1

url:http://support.ntp.org/bin/view/main/securitynotice#august_2018_ntp_4_2_8p12_ntp_rel

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2018-12327

Trust: 0.1

sources: CERT/CC: VU#718152 // VULMON: CVE-2016-1549 // BID: 88200 // JVNDB: JVNDB-2016-006650 // PACKETSTORM: 137992 // PACKETSTORM: 146631 // PACKETSTORM: 136864 // PACKETSTORM: 148988 // CNNVD: CNNVD-201604-604 // NVD: CVE-2016-1549

CREDITS

Matthew Van Gundy of Cisco ASIG

Trust: 0.6

sources: CNNVD: CNNVD-201604-604

SOURCES

db:CERT/CCid:VU#718152
db:VULMONid:CVE-2016-1549
db:BIDid:88200
db:JVNDBid:JVNDB-2016-006650
db:PACKETSTORMid:137992
db:PACKETSTORMid:146631
db:PACKETSTORMid:136864
db:PACKETSTORMid:148988
db:CNNVDid:CNNVD-201604-604
db:NVDid:CVE-2016-1549

LAST UPDATE DATE

2024-11-23T21:07:52.841000+00:00


SOURCES UPDATE DATE

db:CERT/CCid:VU#718152date:2016-04-28T00:00:00
db:VULMONid:CVE-2016-1549date:2018-03-28T00:00:00
db:BIDid:88200date:2018-08-15T07:00:00
db:JVNDBid:JVNDB-2016-006650date:2017-01-19T00:00:00
db:CNNVDid:CNNVD-201604-604date:2017-01-11T00:00:00
db:NVDid:CVE-2016-1549date:2024-11-21T02:46:37.430

SOURCES RELEASE DATE

db:CERT/CCid:VU#718152date:2016-04-27T00:00:00
db:VULMONid:CVE-2016-1549date:2017-01-06T00:00:00
db:BIDid:88200date:2016-04-26T00:00:00
db:JVNDBid:JVNDB-2016-006650date:2017-01-19T00:00:00
db:PACKETSTORMid:137992date:2016-07-21T15:56:23
db:PACKETSTORMid:146631date:2018-03-01T23:35:00
db:PACKETSTORMid:136864date:2016-05-02T21:38:58
db:PACKETSTORMid:148988date:2018-08-18T23:23:00
db:CNNVDid:CNNVD-201604-604date:2016-04-28T00:00:00
db:NVDid:CVE-2016-1549date:2017-01-06T21:59:00.383