CVE-2017-6463: Input Validation
First published: Mon Mar 20 2017(Updated: )
A vulnerability found in the NTP server allows an authenticated remote attacker to crash the daemon by sending an invalid setting via the :config directive. The unpeer option expects a number or an address as an argument. In case the value is "0", a segmentation fault occurs. Affects: All versions of ntp, up to but not including ntp-4.2.8p10, and ntp-4.3.0 up to, but not including ntp-4.3.94. Mitigation: Properly monitor your ntpd instances, and auto-restart ntpd (without -g) if it stops running.
Credit: cve@mitre.org cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NTP ntp | =4.2.8-p9 | |
| NTP ntp | =4.3.0 | |
| NTP ntp | =4.3.1 | |
| NTP ntp | =4.3.2 | |
| NTP ntp | =4.3.3 | |
| NTP ntp | =4.3.4 | |
| NTP ntp | =4.3.5 | |
| NTP ntp | =4.3.6 | |
| NTP ntp | =4.3.7 | |
| NTP ntp | =4.3.8 | |
| NTP ntp | =4.3.9 | |
| NTP ntp | =4.3.10 | |
| NTP ntp | =4.3.11 | |
| NTP ntp | =4.3.12 | |
| NTP ntp | =4.3.13 | |
| NTP ntp | =4.3.14 | |
| NTP ntp | =4.3.15 | |
| NTP ntp | =4.3.16 | |
| NTP ntp | =4.3.17 | |
| NTP ntp | =4.3.18 | |
| NTP ntp | =4.3.19 | |
| NTP ntp | =4.3.20 | |
| NTP ntp | =4.3.21 | |
| NTP ntp | =4.3.22 | |
| NTP ntp | =4.3.23 | |
| NTP ntp | =4.3.24 | |
| NTP ntp | =4.3.25 | |
| NTP ntp | =4.3.26 | |
| NTP ntp | =4.3.27 | |
| NTP ntp | =4.3.28 | |
| NTP ntp | =4.3.29 | |
| NTP ntp | =4.3.30 | |
| NTP ntp | =4.3.31 | |
| NTP ntp | =4.3.32 | |
| NTP ntp | =4.3.33 | |
| NTP ntp | =4.3.34 | |
| NTP ntp | =4.3.35 | |
| NTP ntp | =4.3.36 | |
| NTP ntp | =4.3.37 | |
| NTP ntp | =4.3.38 | |
| NTP ntp | =4.3.39 | |
| NTP ntp | =4.3.40 | |
| NTP ntp | =4.3.41 | |
| NTP ntp | =4.3.42 | |
| NTP ntp | =4.3.43 | |
| NTP ntp | =4.3.44 | |
| NTP ntp | =4.3.45 | |
| NTP ntp | =4.3.46 | |
| NTP ntp | =4.3.47 | |
| NTP ntp | =4.3.48 | |
| NTP ntp | =4.3.49 | |
| NTP ntp | =4.3.50 | |
| NTP ntp | =4.3.51 | |
| NTP ntp | =4.3.52 | |
| NTP ntp | =4.3.53 | |
| NTP ntp | =4.3.54 | |
| NTP ntp | =4.3.55 | |
| NTP ntp | =4.3.56 | |
| NTP ntp | =4.3.57 | |
| NTP ntp | =4.3.58 | |
| NTP ntp | =4.3.59 | |
| NTP ntp | =4.3.60 | |
| NTP ntp | =4.3.61 | |
| NTP ntp | =4.3.62 | |
| NTP ntp | =4.3.63 | |
| NTP ntp | =4.3.64 | |
| NTP ntp | =4.3.65 | |
| NTP ntp | =4.3.66 | |
| NTP ntp | =4.3.67 | |
| NTP ntp | =4.3.68 | |
| NTP ntp | =4.3.69 | |
| NTP ntp | =4.3.70 | |
| NTP ntp | =4.3.71 | |
| NTP ntp | =4.3.72 | |
| NTP ntp | =4.3.73 | |
| NTP ntp | =4.3.74 | |
| NTP ntp | =4.3.75 | |
| NTP ntp | =4.3.76 | |
| NTP ntp | =4.3.77 | |
| NTP ntp | =4.3.78 | |
| NTP ntp | =4.3.79 | |
| NTP ntp | =4.3.80 | |
| NTP ntp | =4.3.81 | |
| NTP ntp | =4.3.82 | |
| NTP ntp | =4.3.83 | |
| NTP ntp | =4.3.84 | |
| NTP ntp | =4.3.85 | |
| NTP ntp | =4.3.86 | |
| NTP ntp | =4.3.87 | |
| NTP ntp | =4.3.88 | |
| NTP ntp | =4.3.89 | |
| NTP ntp | =4.3.90 | |
| NTP ntp | =4.3.91 | |
| NTP ntp | =4.3.92 | |
| NTP ntp | =4.3.93 | |
| Apple macOS High Sierra | <10.13 | 10.13 |
| redhat/ntp | <4.2.8 | 4.2.8 |
| redhat/ntp | <4.3.94 | 4.3.94 |
| debian/ntp | 1:4.2.8p15+dfsg-1 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://support.ntp.org/bin/view/Main/NtpBug3387
- http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu
- http://www.securityfocus.com/bid/97049
- http://www.securitytracker.com/id/1038123
- https://access.redhat.com/errata/RHSA-2017:3071
- https://access.redhat.com/errata/RHSA-2018:0855
- https://security.FreeBSD.org/advisories/FreeBSD-SA-17:03.ntp.asc
- https://support.apple.com/HT208144
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us
- https://usn.ubuntu.com/3707-2/
- https://support.apple.com/en-us/HT208144 (Advisory)
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us
- https://launchpad.net/bugs/cve/CVE-2017-6463
- https://bugzilla.redhat.com/show_bug.cgi/show_bug.cgi?id=1435163
- https://bugzilla.redhat.com/show_bug.cgi?id=1434002
- https://cure53.de/pentest-report_ntp.pdf
- https://security-tracker.debian.org/tracker/CVE-2017-6463
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6463
- https://nvd.nist.gov/vuln/detail/CVE-2017-6463
- https://ubuntu.com/security/CVE-2017-6463
Peer vulnerabilities
(Found alongside the following vulnerabilities)
- CVE-2017-13832
- CVE-2016-0736
- CVE-2016-2161
- CVE-2016-5387
- CVE-2016-8740
- CVE-2016-8743
- CVE-2017-13909
- CVE-2017-13809
- CVE-2017-7084
- CVE-2017-7074
- CVE-2017-13820
- CVE-2017-13807
- CVE-2017-7143
- CVE-2017-13829
- CVE-2017-13833
- CVE-2017-7083
- CVE-2017-13821
- CVE-2017-0381
- CVE-2017-13825
- CVE-2017-13890
- CVE-2017-13851
- CVE-2017-7138
- CVE-2017-7121
- CVE-2017-7122
- CVE-2017-7123
- CVE-2017-7124
- CVE-2017-7125
- CVE-2017-7126
- CVE-2017-13815
- CVE-2017-13828
- CVE-2017-13811
- CVE-2017-13835
- CVE-2017-11103
- CVE-2017-13819
- CVE-2017-13830
- CVE-2017-13814
- CVE-2017-13831
- CVE-2017-13837
- CVE-2017-13906
- CVE-2017-7077
- CVE-2017-7119
- CVE-2017-7114
- CVE-2017-13810
- CVE-2017-13817
- CVE-2017-13818
- CVE-2017-13836
- CVE-2017-13841
- CVE-2017-13840
- CVE-2017-13842
- CVE-2017-13782
- CVE-2017-13843
- CVE-2017-13854
- CVE-2017-13834
- CVE-2017-13873
- CVE-2017-13827
- CVE-2017-13813
- CVE-2017-13816
- CVE-2017-13812
- CVE-2016-4736
- CVE-2017-7086
- CVE-2017-1000373
- CVE-2016-9063
- CVE-2017-9233
- CVE-2018-4302
- CVE-2017-5130
- CVE-2017-7376
- CVE-2017-9050
- CVE-2017-9049
- CVE-2017-7141
- CVE-2017-7078
- CVE-2017-6451
- CVE-2017-6452
- CVE-2017-6455
- CVE-2017-6458
- CVE-2017-6459
- CVE-2017-6460
- CVE-2017-6462
- CVE-2017-6463
- CVE-2017-6464
- CVE-2016-9042
- CVE-2017-13824
- CVE-2017-13846
- CVE-2017-10140
- CVE-2017-13822
- CVE-2017-7132
- CVE-2017-13823
- CVE-2017-13808
- CVE-2017-13838
- CVE-2017-7082
- CVE-2017-7080
- CVE-2017-13908
- CVE-2017-13839
- CVE-2017-13910
- CVE-2017-10989
- CVE-2017-7128
- CVE-2017-7129
- CVE-2017-7130
- CVE-2017-7127
- CVE-2016-9840
- CVE-2016-9841
- CVE-2016-9842
- CVE-2016-9843
- collector/nvd-index
- collector/apple-support
- alias/CVE-2017-6452
- alias/CVE-2017-6455
- alias/CVE-2017-6458
- alias/CVE-2017-6459
- alias/CVE-2017-6460
- alias/CVE-2017-6462
- alias/CVE-2017-6463
- alias/CVE-2017-6464
- alias/CVE-2016-9042
- collector/launchpad-cve
- source/Launchpad
- agent/type
- agent/first-publish-date
- agent/last-modified-date
- agent/author
- collector/nvd-cve
- source/NVD
- agent/software-canonical-lookup
- agent/remedy
- agent/weakness
- agent/severity
- collector/redhat-bugzilla
- source/Red Hat
- collector/security-tracker-debian
- source/Debian
- collector/usn-cve
- source/Ubuntu
- agent/references
- agent/softwarecombine
- agent/tags
- agent/description
- agent/event
- agent/trending
- vendor/ntp
- canonical/ntp ntp
- version/ntp ntp/4.2.8-p9
- version/ntp ntp/4.3.0
- version/ntp ntp/4.3.1
- version/ntp ntp/4.3.2
- version/ntp ntp/4.3.3
- version/ntp ntp/4.3.4
- version/ntp ntp/4.3.5
- version/ntp ntp/4.3.6
- version/ntp ntp/4.3.7
- version/ntp ntp/4.3.8
- version/ntp ntp/4.3.9
- version/ntp ntp/4.3.10
- version/ntp ntp/4.3.11
- version/ntp ntp/4.3.12
- version/ntp ntp/4.3.13
- version/ntp ntp/4.3.14
- version/ntp ntp/4.3.15
- version/ntp ntp/4.3.16
- version/ntp ntp/4.3.17
- version/ntp ntp/4.3.18
- version/ntp ntp/4.3.19
- version/ntp ntp/4.3.20
- version/ntp ntp/4.3.21
- version/ntp ntp/4.3.22
- version/ntp ntp/4.3.23
- version/ntp ntp/4.3.24
- version/ntp ntp/4.3.25
- version/ntp ntp/4.3.26
- version/ntp ntp/4.3.27
- version/ntp ntp/4.3.28
- version/ntp ntp/4.3.29
- version/ntp ntp/4.3.30
- version/ntp ntp/4.3.31
- version/ntp ntp/4.3.32
- version/ntp ntp/4.3.33
- version/ntp ntp/4.3.34
- version/ntp ntp/4.3.35
- version/ntp ntp/4.3.36
- version/ntp ntp/4.3.37
- version/ntp ntp/4.3.38
- version/ntp ntp/4.3.39
- version/ntp ntp/4.3.40
- version/ntp ntp/4.3.41
- version/ntp ntp/4.3.42
- version/ntp ntp/4.3.43
- version/ntp ntp/4.3.44
- version/ntp ntp/4.3.45
- version/ntp ntp/4.3.46
- version/ntp ntp/4.3.47
- version/ntp ntp/4.3.48
- version/ntp ntp/4.3.49
- version/ntp ntp/4.3.50
- version/ntp ntp/4.3.51
- version/ntp ntp/4.3.52
- version/ntp ntp/4.3.53
- version/ntp ntp/4.3.54
- version/ntp ntp/4.3.55
- version/ntp ntp/4.3.56
- version/ntp ntp/4.3.57
- version/ntp ntp/4.3.58
- version/ntp ntp/4.3.59
- version/ntp ntp/4.3.60
- version/ntp ntp/4.3.61
- version/ntp ntp/4.3.62
- version/ntp ntp/4.3.63
- version/ntp ntp/4.3.64
- version/ntp ntp/4.3.65
- version/ntp ntp/4.3.66
- version/ntp ntp/4.3.67
- version/ntp ntp/4.3.68
- version/ntp ntp/4.3.69
- version/ntp ntp/4.3.70
- version/ntp ntp/4.3.71
- version/ntp ntp/4.3.72
- version/ntp ntp/4.3.73
- version/ntp ntp/4.3.74
- version/ntp ntp/4.3.75
- version/ntp ntp/4.3.76
- version/ntp ntp/4.3.77
- version/ntp ntp/4.3.78
- version/ntp ntp/4.3.79
- version/ntp ntp/4.3.80
- version/ntp ntp/4.3.81
- version/ntp ntp/4.3.82
- version/ntp ntp/4.3.83
- version/ntp ntp/4.3.84
- version/ntp ntp/4.3.85
- version/ntp ntp/4.3.86
- version/ntp ntp/4.3.87
- version/ntp ntp/4.3.88
- version/ntp ntp/4.3.89
- version/ntp ntp/4.3.90
- version/ntp ntp/4.3.91
- version/ntp ntp/4.3.92
- version/ntp ntp/4.3.93
- vendor/apple
- canonical/apple macos high sierra
- package-manager/redhat
- package-manager/debian