CVE-2016-1550 : An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb

An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key.

Published 2017-01-06 21:59:00

Updated 2021-11-17 22:15:48

Source CERT/CC

View at NVD, CVE.org

Vulnerability category: Information leak

Exploit prediction scoring system (EPSS) score for CVE-2016-1550

Probability of exploitation activity in the next 30 days: 0.49%

Percentile, the proportion of vulnerabilities that are scored at or less: ~ 76 % EPSS Score History EPSS FAQ

CVSS scores for CVE-2016-1550

Base Score	Base Severity	CVSS Vector	Exploitability Score	Impact Score	Score Source
5.0	MEDIUM	AV:N/AC:L/Au:N/C:P/I:N/A:N	10.0	2.9	NIST
Access Vector: Network Access Complexity: Low Authentication: None Confidentiality Impact: Partial Integrity Impact: None Availability Impact: None
5.3	MEDIUM	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N	3.9	1.4	NIST
Attack Vector: Network Attack Complexity: Low Privileges Required: None User Interaction: None Scope: Unchanged Confidentiality: Low Integrity: None Availability: None

CWE ids for CVE-2016-1550

CWE-200 Exposure of Sensitive Information to an Unauthorized Actor

The product exposes sensitive information to an actor that is not explicitly authorized to have access to that information.

Assigned by: nvd@nist.gov (Primary)

References for CVE-2016-1550

http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html

Slackware Security Advisory - ntp Updates ≈ Packet Storm

CVEs referencing this url
http://www.securityfocus.com/bid/88261

NTP CVE-2016-1550 Local Security Bypass Vulnerability
https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0084

TALOS-2016-0084 || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence
https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf

CVEs referencing this url
https://security.netapp.com/advisory/ntap-20171004-0002/

April 2016 Network Time Protocol Daemon (ntpd) Vulnerabilities in Multiple NetApp Products | NetApp Product Security

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html

[security-announce] SUSE-SU-2016:1471-1: important: Security update for ntp - openSUSE Security Announce - openSUSE Mailing Lists

CVEs referencing this url
http://www.talosintelligence.com/reports/TALOS-2016-0084/

TALOS-2016-0084 || Cisco Talos Intelligence Group - Comprehensive Threat Intelligence
Technical Description;Third Party Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd

Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016

CVEs referencing this url
http://rhn.redhat.com/errata/RHSA-2016-1552.html

RHSA-2016:1552 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html

[security-announce] openSUSE-SU-2016:1329-1: important: Security update for ntp - openSUSE Security Announce - openSUSE Mailing Lists

CVEs referencing this url
https://security.gentoo.org/glsa/201607-15

NTP: Multiple vulnerabilities (GLSA 201607-15) — Gentoo security

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

Oracle Solaris Bulletin - April 2016

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html

[security-announce] SUSE-SU-2016:1278-1: important: Security update for ntp - openSUSE Security Announce - openSUSE Mailing Lists

CVEs referencing this url
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.html

[SECURITY] Fedora 24 Update: ntp-4.2.6p5-40.fc24

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html

[security-announce] SUSE-SU-2016:1568-1: important: Security update for ntp - openSUSE Security Announce - openSUSE Mailing Lists

CVEs referencing this url
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11

Siemens TIM 4R-IE Devices | CISA

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html

[security-announce] SUSE-SU-2016:1291-1: important: Security update for ntp - openSUSE Security Announce - openSUSE Mailing Lists

CVEs referencing this url
https://access.redhat.com/errata/RHSA-2016:1141

RHSA-2016:1141 - Security Advisory - Red Hat Customer Portal

CVEs referencing this url
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

Oracle Linux Bulletin - April 2016

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html

[security-announce] SUSE-SU-2016:1912-1: important: Security update for

CVEs referencing this url
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc

CVEs referencing this url
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html

[security-announce] SUSE-SU-2016:2094-1: important: Security update for

CVEs referencing this url
https://www.debian.org/security/2016/dsa-3629

Debian -- Security Information -- DSA-3629-1 ntp

CVEs referencing this url
https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf

CVEs referencing this url
http://www.securityfocus.com/archive/1/archive/1/538233/100/0/threaded

SecurityFocus

CVEs referencing this url
https://www.kb.cert.org/vuls/id/718152

VU#718152 - NTP.org ntpd contains multiple vulnerabilities

CVEs referencing this url
http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184669.html

[SECURITY] Fedora 23 Update: ntp-4.2.6p5-40.fc23

CVEs referencing this url
http://www.ubuntu.com/usn/USN-3096-1

USN-3096-1: NTP vulnerabilities | Ubuntu security notices

CVEs referencing this url
https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19

Security Advisory 0019 - Arista

CVEs referencing this url
http://www.securitytracker.com/id/1035705

ntp Multiple Bugs Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, Modify Time, and Deny Service - SecurityTracker

CVEs referencing this url
http://www.securityfocus.com/archive/1/538233/100/0/threaded

SecurityFocus

CVEs referencing this url
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html

openSUSE-SU-2016:1423-1: moderate: Security update for ntp

CVEs referencing this url
https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11

Siemens SIMATIC NET CP 443-1 OPC UA | CISA

CVEs referencing this url
http://www.debian.org/security/2016/dsa-3629

Debian -- Security Information -- DSA-3629-1 ntp

CVEs referencing this url

Products affected by CVE-2016-1550

NTP » NTP » Version: 4.2.8 Update P4
cpe:2.3:a:ntp:ntp:4.2.8:p4:*:*:*:*:*:*
Matching versions

Vulnerability Details : CVE-2016-1550

Exploit prediction scoring system (EPSS) score for CVE-2016-1550

CVSS scores for CVE-2016-1550

CWE ids for CVE-2016-1550

References for CVE-2016-1550

Products affected by CVE-2016-1550