Last update: April 22, 2024 18:49 UTC (7e7bd5857)
Resolved | 4.2.8p7 | 26 Apr 2016 |
---|---|---|
References | Bug 2879 | CVE-2016-1550 |
Affects | All ntp-4 releases up to, but not including 4.2.8p7, and 4.3.0 up to, but not including 4.3.92. Resolved in 4.2.8p7. | |
CVSS2 Score | LOW 2.6 | AV:L/AC:H/Au:N/C:P/I:P/A:N |
CVSS3 Score | MED 4.0 | CVSS:3.0/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:L/A:N |

Packet authentication tests have been performed using `memcmp()` or possibly `bcmp()`, and it is potentially possible for a local or perhaps LAN-based attacker to send a packet with an authentication payload and indirectly observe how much of the digest has matched.

`ntpd` instances.

This weakness was discovered independently by Loganaden Velvindron, and Matthew Van Gundy and Stephen Gray of Cisco ASIG.
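
The early-exit comparison described above, set beside a constant-time one, as an added example that is not ntpd's code or the project's fix. The function names, the byte counter used as a stand-in for running time, and the sample digests are constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>

#define DIGEST_LEN 16

/* Constructed sample digests (not real keys or packets). */
static const unsigned char expected[DIGEST_LEN] =
    {0xde,0xad,0xbe,0xef,1,2,3,4,5,6,7,8,9,10,11,12};
static const unsigned char wrong_at_0[DIGEST_LEN] =
    {0x00,0xad,0xbe,0xef,1,2,3,4,5,6,7,8,9,10,11,12};
static const unsigned char wrong_at_3[DIGEST_LEN] =
    {0xde,0xad,0xbe,0x00,1,2,3,4,5,6,7,8,9,10,11,12};

/* Hypothetical helper: early-exit compare, as a typical memcmp() behaves.
 * Returns 1 on match; *work = bytes examined, a stand-in for run time. */
int leaky_equal(const unsigned char *a, const unsigned char *b, size_t n, size_t *work)
{
    size_t i;
    for (i = 0; i < n; i++) {
        if (a[i] != b[i]) { *work = i + 1; return 0; }
    }
    *work = n;
    return 1;
}

/* Hypothetical helper: constant-time compare. Every byte is examined and
 * differences are OR-ed together, so the work is independent of the data. */
int ct_equal(const unsigned char *a, const unsigned char *b, size_t n, size_t *work)
{
    volatile unsigned char diff = 0;
    size_t i;
    for (i = 0; i < n; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    *work = n;
    return diff == 0;
}

/* Bytes examined when checking a received digest against the expected one. */
size_t leaky_work(const unsigned char *got) { size_t w; leaky_equal(expected, got, DIGEST_LEN, &w); return w; }
size_t ct_work(const unsigned char *got)    { size_t w; ct_equal(expected, got, DIGEST_LEN, &w); return w; }

int main(void)
{
    printf("input        leaky  constant-time\n");
    printf("wrong_at_0   %5zu  %5zu\n", leaky_work(wrong_at_0), ct_work(wrong_at_0));
    printf("wrong_at_3   %5zu  %5zu\n", leaky_work(wrong_at_3), ct_work(wrong_at_3));
    printf("correct      %5zu  %5zu\n", leaky_work(expected), ct_work(expected));
    return 0;
}
```

In the leaky column the count follows the length of the matching prefix; in the constant-time column it is the same for every input.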