ICMP Timestamp Request Remote Date Disclosure

This script is Copyright (C) 1999-2012 Tenable Network Security, Inc.


Synopsis :

It is possible to determine the exact time set on the remote host.

Description :

The remote host answers to an ICMP timestamp request. This allows an
attacker to know the date that is set on the targeted machine, which
may assist an unauthenticated, remote attacker in defeating time-based
authentication protocols.

Timestamps returned from machines running Windows Vista / 7 / 2008 /
2008 R2 are deliberately incorrect, but usually within 1000 seconds of
the actual system time.

Solution :

Filter out the ICMP timestamp requests (13), and the outgoing ICMP
timestamp replies (14).

Risk factor :

None

Family: General

Nessus Plugin ID: 10114 (icmp_timestamp.nasl)

Bugtraq ID:

CVE ID: CVE-1999-0524