Network Time Protocol Daemon (ntpd) Information Disclosure

Medium Nessus Plugin ID 84288

Synopsis

The remote NTP server is affected by an information disclosure vulnerability.

Description

The remote NTP server is affected by an information disclosure vulnerability due to improper validation of the 'vallen' value in extension fields in 'ntp_crypto.c'. This allows a remote attacker to disclose sensitive information.

Note that this plugin requires both the scanner IP and target IP to not go through Network Address Translation (NAT) when communicating with each other.

Solution

Upgrade to NTP version 4.2.8p1 or later.

See Also

http://support.ntp.org/bin/view/Main/SecurityNotice

Plugin Details

Severity: Medium

ID: 84288

File Name: ntp_cve-2014-9297.nbin

Version: 1.50

Type: remote

Family: Misc.

Published: 2015/06/19

Updated: 2020/09/14

Dependencies: 10884

Configuration: Enable paranoid mode

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 6.8

Temporal Score: 5

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

Vulnerability Information

CPE: cpe:/a:ntp:ntp

Required KB Items: NTP/Running, Settings/ParanoidReport

Exploit Ease: No known exploits are available

Patch Publication Date: 2015/02/04

Vulnerability Publication Date: 2014/12/19

Reference Information

CVE: CVE-2014-9297

BID: 72583

CERT: 852879