Advisory Published
CVE Published
Updated

CVE-2018-7170

First published: Wed Feb 28 2018(Updated: )

ntpd can be vulnerable to Sybil attacks. If a system is set up to use a trustedkey and if one is not using the feature introduced in ntp-4.2.8p6 allowing an optional 4th field in the ntp.keys file to specify which IPs can serve time, a malicious authenticated peer -- i.e. one where the attacker knows the private symmetric key -- can create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock. Ps.: This is possibly a incomplete fix for <a href="https://access.redhat.com/security/cve/CVE-2016-1549">CVE-2016-1549</a>. References: <a href="http://support.ntp.org/bin/view/Main/NtpBug3415">http://support.ntp.org/bin/view/Main/NtpBug3415</a>

Credit: cve@mitre.org

Affected SoftwareAffected VersionHow to fix
redhat/ntp<4.2.8
4.2.8
NTP ntp>=4.2.0<4.2.8
NTP ntp>=4.3.0<4.3.92
NTP ntp=4.2.8
NTP ntp=4.2.8-p1
NTP ntp=4.2.8-p1-beta1
NTP ntp=4.2.8-p1-beta2
NTP ntp=4.2.8-p1-beta3
NTP ntp=4.2.8-p1-beta4
NTP ntp=4.2.8-p1-beta5
NTP ntp=4.2.8-p1-rc1
NTP ntp=4.2.8-p1-rc2
NTP ntp=4.2.8-p2
NTP ntp=4.2.8-p2-rc1
NTP ntp=4.2.8-p2-rc2
NTP ntp=4.2.8-p2-rc3
NTP ntp=4.2.8-p3
NTP ntp=4.2.8-p3-rc1
NTP ntp=4.2.8-p3-rc2
NTP ntp=4.2.8-p3-rc3
NTP ntp=4.2.8-p4
NTP ntp=4.2.8-p5
NTP ntp=4.2.8-p6
Synology DiskStation Manager>=5.2<6.1.6-15266
Synology Router Manager>=1.1<1.1.6-6931-3
Synology Skynas<6.1.5-15254
Synology Virtual Diskstation Manager<6.1.6-15266
Synology Vs960hd Firmware<2.2.3-1505
Synology Vs960hd
Netapp Hci
Netapp Solidfire
Hpe Hpux-ntp<c.4.2.8.4.0

Never miss a vulnerability like this again

Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.

Frequently Asked Questions

  • What is CVE-2018-7170?

    CVE-2018-7170 is a vulnerability in ntpd which allows authenticated users to create arbitrary associations and modify a victim's clock via a Sybil attack.

  • Which versions of ntp are affected by CVE-2018-7170?

    Versions of ntp before 4.2.8p7 and 4.3.x before 4.3.92 are affected by CVE-2018-7170.

  • How can an attacker exploit CVE-2018-7170?

    An attacker with knowledge of the private symmetric key can exploit CVE-2018-7170 to create arbitrary associations and modify a victim's clock via a Sybil attack.

  • What is the severity of CVE-2018-7170?

    The severity of CVE-2018-7170 is medium with a CVSS score of 5.3.

  • How can I fix CVE-2018-7170?

    To fix CVE-2018-7170, it is recommended to update ntp to version 4.2.8p7 or 4.3.0 or later.

Contact

SecAlerts Pty Ltd.
132 Wickham Terrace
Fortitude Valley,
QLD 4006, Australia
info@secalerts.co
By using SecAlerts services, you agree to our services end-user license agreement. This website is safeguarded by reCAPTCHA and governed by the Google Privacy Policy and Terms of Service. All names, logos, and brands of products are owned by their respective owners, and any usage of these names, logos, and brands for identification purposes only does not imply endorsement. If you possess any content that requires removal, please get in touch with us.
© 2024 SecAlerts Pty Ltd.
ABN: 70 645 966 203, ACN: 645 966 203