F5 Networks BIG-IP : NTP vulnerability (K17114)
Low Nessus Plugin ID 105510
Synopsis
The remote device is missing a vendor-supplied security patch.
Description
ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash) via a NULL byte in a crafted configuration directive packet. (CVE-2015-5146)
An attacker can use a specially crafted packet to cause ntpd to become unresponsive when all of the following conditions are met:
- The ntpd configuration has enabled remote configuration.
- The attacker has knowledge of the configuration password.
- The attacker has access to a computer entrusted to perform remote configurations.
For BIG-IP systems using a default network time protocol (NTP) configuration, there is no impact. However, BIG-IP systems with an NTP configuration that is customized in line with the requirements of the advisory may be vulnerable.
Solution
Upgrade to one of the non-vulnerable versions listed in the F5 Solution K17114.