NTP Holes Plugged

Monday, November 28, 2016 @ 05:11 PM gHale


Network Time Foundation released NTP 4.2.8p9, which has 40 security patches, bug fixes and improvements.

The latest version of the Network Time Protocol daemon (ntpd) addresses ten holes.

RELATED STORIES
4 HDF5 Library Flaws Fixed
Twitter Hacked, Popular Accounts Targeted
Palo Alto Networks Fixes Flaws
Cisco Fixes Email Security Appliance

The most serious issue, CVE-2016-9312 and rated “high severity,” is an oversized UDP packet denial-of-service (DoS) issue that only affects Windows.

“If a vulnerable instance of ntpd on Windows receives a crafted malicious packet that is ‘too big’, ntpd will stop working,” according to the CERT Coordination Center.

NTP 4.2.8p9 also patches two medium, two medium-low, and five low severity vulnerabilities. One of the medium severity flaws (CVE-2016-9310) affects the control mode (mode 6) functionality of ntpd and it can be exploited by a remote, unauthenticated attacker.

“If, against long-standing BCP recommendations, ‘restrict default noquery’ is not specified, a specially crafted control mode packet can set ntpd traps, providing information disclosure and DDoS amplification, and unset ntpd traps, disabling legitimate monitoring,” reads a description of the vulnerability.

The second medium severity flaw (CVE-2016-7431) is a regression in the handling of some Zero Origin timestamp checks.

Matthew Van Gundy of Cisco, Magnus Stubman, Miroslav Lichvar of Red Hat, Brian Utterback of Oracle, Robert Pajak of ABB, and Sharon Goldberg and Aanchal Malhotra of Boston University have been credited for reporting these issues.



Leave a Reply

You must be logged in to post a comment.