CVE-2016-4953

Summary

CVE	CVE-2016-4953
State	PUBLIC
Assigner	[email protected]
Source Priority	CVE Program / NVD first with legacy fallback
Published	2016-07-05 01:59:00 UTC
Updated	2021-07-16 13:15:00 UTC
Description	ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.

Risk And Classification

Problem Types: CWE-287

NVD Known Affected Configurations (CPE 2.3)

Type	Vendor	Product	Version	Update	Edition	Language
Application	Ntp	Ntp	All	All	All	All
Application	Ntp	Ntp	4.2.8	-	All	All
Application	Ntp	Ntp	4.2.8	p1	All	All
Application	Ntp	Ntp	4.2.8	p1-beta1	All	All
Application	Ntp	Ntp	4.2.8	p1-beta2	All	All
Application	Ntp	Ntp	4.2.8	p1-beta3	All	All
Application	Ntp	Ntp	4.2.8	p1-beta4	All	All
Application	Ntp	Ntp	4.2.8	p1-beta5	All	All
Application	Ntp	Ntp	4.2.8	p1-rc1	All	All
Application	Ntp	Ntp	4.2.8	p1-rc2	All	All
Application	Ntp	Ntp	4.2.8	p2	All	All
Application	Ntp	Ntp	4.2.8	p2-rc1	All	All
Application	Ntp	Ntp	4.2.8	p2-rc2	All	All
Application	Ntp	Ntp	4.2.8	p2-rc3	All	All
Application	Ntp	Ntp	4.2.8	p3	All	All
Application	Ntp	Ntp	4.2.8	p3-rc1	All	All
Application	Ntp	Ntp	4.2.8	p3-rc2	All	All
Application	Ntp	Ntp	4.2.8	p3-rc3	All	All
Application	Ntp	Ntp	4.2.8	p4	All	All
Application	Ntp	Ntp	4.2.8	p5	All	All
Application	Ntp	Ntp	4.2.8	p6	All	All
Application	Ntp	Ntp	4.2.8	p7	All	All
Application	Ntp	Ntp	All	All	All	All
Application	Ntp	Ntp	4.2.8	-	All	All
Application	Ntp	Ntp	4.2.8	p1	All	All
Application	Ntp	Ntp	4.2.8	p1-beta1	All	All
Application	Ntp	Ntp	4.2.8	p1-beta2	All	All
Application	Ntp	Ntp	4.2.8	p1-beta3	All	All
Application	Ntp	Ntp	4.2.8	p1-beta4	All	All
Application	Ntp	Ntp	4.2.8	p1-beta5	All	All
Application	Ntp	Ntp	4.2.8	p1-rc1	All	All
Application	Ntp	Ntp	4.2.8	p1-rc2	All	All
Application	Ntp	Ntp	4.2.8	p2	All	All
Application	Ntp	Ntp	4.2.8	p2-rc1	All	All
Application	Ntp	Ntp	4.2.8	p2-rc2	All	All
Application	Ntp	Ntp	4.2.8	p2-rc3	All	All
Application	Ntp	Ntp	4.2.8	p3	All	All
Application	Ntp	Ntp	4.2.8	p3-rc1	All	All
Application	Ntp	Ntp	4.2.8	p3-rc2	All	All
Application	Ntp	Ntp	4.2.8	p3-rc3	All	All
Application	Ntp	Ntp	4.2.8	p4	All	All
Application	Ntp	Ntp	4.2.8	p5	All	All
Application	Ntp	Ntp	4.2.8	p6	All	All
Application	Ntp	Ntp	4.2.8	p7	All	All
Operating System	Opensuse	Leap	42.1	All	All	All
Operating System	Opensuse	Leap	42.1	All	All	All
Operating System	Opensuse	Opensuse	13.2	All	All	All
Operating System	Opensuse	Opensuse	13.2	All	All	All
Operating System	Oracle	Solaris	10	All	All	All
Operating System	Oracle	Solaris	11.3	All	All	All
Operating System	Oracle	Solaris	10	All	All	All
Operating System	Oracle	Solaris	11.3	All	All	All
Hardware	Siemens	Simatic Net Cp 443-1 Opc Ua	-	All	All	All
Operating System	Siemens	Simatic Net Cp 443-1 Opc Ua Firmware	All	All	All	All
Hardware	Siemens	Tim 4r-ie	-	All	All	All
Hardware	Siemens	Tim 4r-ie Dnp3	-	All	All	All
Operating System	Siemens	Tim 4r-ie Dnp3 Firmware	All	All	All	All
Operating System	Siemens	Tim 4r-ie Firmware	All	All	All	All
Operating System	Suse	Linux Enterprise Desktop	12	sp1	All	All
Operating System	Suse	Linux Enterprise Desktop	12	sp1	All	All
Operating System	Suse	Linux Enterprise Server	11	sp2	All	All
Operating System	Suse	Linux Enterprise Server	11	sp3	All	All
Operating System	Suse	Linux Enterprise Server	11	sp4	All	All
Operating System	Suse	Linux Enterprise Server	12	sp1	All	All
Operating System	Suse	Linux Enterprise Server	11	sp2	All	All
Operating System	Suse	Linux Enterprise Server	11	sp3	All	All
Operating System	Suse	Linux Enterprise Server	11	sp4	All	All
Operating System	Suse	Linux Enterprise Server	12	sp1	All	All
Application	Suse	Manager	2.1	All	All	All
Application	Suse	Manager	2.1	All	All	All
Application	Suse	Manager Proxy	2.1	All	All	All
Application	Suse	Manager Proxy	2.1	All	All	All
Application	Suse	Openstack Cloud	5	All	All	All
Application	Suse	Openstack Cloud	5	All	All	All

References

Reference	Source	Link	Tags
Oracle Solaris Bulletin - April 2016	CONFIRM	www.oracle.com	Third Party Advisory
Document Display \| HPE Support Center	CONFIRM	h20566.www2.hpe.com	Third Party Advisory
SecurityFocus	BUGTRAQ	www.securityfocus.com
[security-announce] openSUSE-SU-2016:1636-1: important: Security update	SUSE	lists.opensuse.org	Mailing List, Third Party Advisory
Siemens SIMATIC NET CP 443-1 OPC UA \| CISA	MISC	us-cert.cisa.gov
[security-announce] openSUSE-SU-2016:1583-1: important: Security update	SUSE	lists.opensuse.org	Mailing List, Third Party Advisory
[security-announce] SUSE-SU-2016:1568-1: important: Security update for	SUSE	lists.opensuse.org
Bug 3045 – Bad authentication demobilizes ephemeral associations	CONFIRM	bugs.ntp.org	Issue Tracking, Vendor Advisory
support.ntp.org/bin/view/Main/NtpBug3045	CONFIRM	support.ntp.org	Patch, Vendor Advisory
NTP: Multiple vulnerabilities (GLSA 201607-15) — Gentoo Security	GENTOO	security.gentoo.org	Third Party Advisory
Vulnerability Note VU#321640 - NTP.org ntpd is vulnerable to denial of service and other vulnerabilities	CERT-VN	www.kb.cert.org
[security-announce] SUSE-SU-2016:1602-1: important: Security update for	SUSE	lists.opensuse.org	Mailing List, Third Party Advisory
cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf	CONFIRM	cert-portal.siemens.com
SecurityFocus	BUGTRAQ	www.securityfocus.com
SecurityFocus	BUGTRAQ	www.securityfocus.com
NTP CVE-2016-4953 Denial of Service Vulnerability	BID	www.securityfocus.com	Third Party Advisory, VDB Entry
ntp Multiple Bugs Let Remote Users Modify Parameters and Deny Service - SecurityTracker	SECTRACK	www.securitytracker.com	Third Party Advisory, VDB Entry
support.ntp.org/bin/view/Main/SecurityNotice	CONFIRM	support.ntp.org	Vendor Advisory
Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: June 2016	CISCO	tools.cisco.com
SecurityFocus	BUGTRAQ	www.securityfocus.com
Vulnerability Note VU#321640 - NTP.org ntpd is vulnerable to denial of service and other vulnerabilities	CERT-VN	www.kb.cert.org	Third Party Advisory, US Government Resource
Slackware Security Advisory - ntp Updates ≈ Packet Storm	MISC	packetstormsecurity.com
[security-announce] SUSE-SU-2016:1563-1: important: Security update for	SUSE	lists.opensuse.org	Mailing List, Third Party Advisory
SecurityFocus	BUGTRAQ	www.securityfocus.com
[security-announce] SUSE-SU-2016:1912-1: important: Security update for	SUSE	lists.opensuse.org
[security-announce] SUSE-SU-2016:2094-1: important: Security update for	SUSE	lists.opensuse.org
SecurityFocus	BUGTRAQ	www.securityfocus.com
Siemens TIM 4R-IE Devices \| CISA	CONFIRM	us-cert.cisa.gov
FreeBSD Security Advisory - FreeBSD-SA-16:24.ntp ≈ Packet Storm	MISC	packetstormsecurity.com
[security-announce] SUSE-SU-2016:1584-1: important: Security update for	SUSE	lists.opensuse.org	Mailing List, Third Party Advisory
FreeBSD-SA-16:24	FREEBSD	security.FreeBSD.org	Third Party Advisory
cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf	CONFIRM	cert-portal.siemens.com
CVE Program record	CVE.ORG	www.cve.org	canonical
NVD vulnerability detail	NVD	nvd.nist.gov	canonical, analysis

No vendor comments have been submitted for this CVE.

Legacy QID Mappings

590721 Siemens TIM 4R-IE Devices Multiple Vulnerabilities (ICSA-21-103-11)
590736 Siemens SIMATIC NET CP 443-1 OPC UA Multiple Vulnerabilities (ICSA-21-159-11)
690292 Free Berkeley Software Distribution (FreeBSD) Security Update for FreeBSD (7cfcea05-600a-11e6-a6c3-14dae9d210b8)