ICMP Timestamp Request Remote Date Disclosure

This script is Copyright (C) 1999-2012 Tenable Network Security, Inc.

Synopsis :

It is possible to determine the exact time set on the remote host.

Description :

The remote host answers to an ICMP timestamp request. This allows an
attacker to know the date that is set on the targeted machine, which
may assist an unauthenticated, remote attacker in defeating time-based
authentication protocols.

Timestamps returned from machines running Windows Vista / 7 / 2008 /
2008 R2 are deliberately incorrect, but usually within 1000 seconds of
the actual system time.

Solution :

Filter out the ICMP timestamp requests (13), and the outgoing ICMP
timestamp replies (14).

Risk factor :


Family: General

Nessus Plugin ID: 10114 (icmp_timestamp.nasl)

Bugtraq ID:

CVE ID: CVE-1999-0524

Ready to Scan Unlimited IPs & Run Compliance Checks?

Upgrade to Nessus Professional today!

Buy Now

Combine the Power of Nessus with the Ease of Cloud

Start your free Nessus Cloud trial now!

Begin Free Trial