Network Time Protocol Daemon (ntpd) 4.x < 4.2.8p12 / 4.3.x < 4.3.94 Multiple Vulnerabilities
High Nessus Plugin ID 111968
SynopsisThe remote NTP server is affected by multiple vulnerabilities.
DescriptionThe version of the remote NTP server is 4.x prior to 4.2.8p12, or is 4.3.x prior to 4.3.94. It is, therefore, affected by the following vulnerabilities:
- A race condition exists that is triggered during the handling of a saturation of ephemeral associations. An authenticated, remote attacker can exploit this to defeat NTP's clock selection algorithm and modify a user's clock. (CVE-2016-1549)
- A buffer overflow vulnerability exists within the openhost() function of the ntpq anmd ntpdc. A local attacker, using an excessively large hostname, could cause a stack overflow and potentially allow for remote code execution or privilege escalation. (CVE-2018-12327)
SolutionUpgrade to NTP version 4.2.8p12, 4.3.94 or later.