QwikSec

Security Database

CVE

CWE

Training

CVE-2016-1550

Published: Jan 6, 2017

Modified: Aug 5, 2024

PUBLISHED

Description

An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key.

Vendor	Product	Versions
NTP Project	NTP	affected `4.2.8p3` affected `4.2.8p4`
NTPsec Project	NTPSec	affected `a5fb34b9cc89b92a8fef2f459004865c93bb7f92`

References

vendor-advisory

x_refsource_UBUNTU

vendor-advisory

x_refsource_DEBIAN

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

SUSE-SU-2016:1912

vendor-advisory

x_refsource_SUSE

third-party-advisory

x_refsource_CERT-VN

vendor-advisory

x_refsource_REDHAT

vdb-entry

x_refsource_SECTRACK

http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html

x_refsource_CONFIRM

https://security.netapp.com/advisory/ntap-20171004-0002/

x_refsource_CONFIRM

http://www.talosintelligence.com/reports/TALOS-2016-0084/

x_refsource_MISC

20160428 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016

vendor-advisory

x_refsource_CISCO

FreeBSD-SA-16:16

vendor-advisory

x_refsource_FREEBSD

vdb-entry

x_refsource_BID

SUSE-SU-2016:2094

vendor-advisory

x_refsource_SUSE

openSUSE-SU-2016:1423

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_GENTOO

openSUSE-SU-2016:1329

vendor-advisory

x_refsource_SUSE

http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html

x_refsource_MISC

SUSE-SU-2016:1471

vendor-advisory

x_refsource_SUSE

FEDORA-2016-5b2eb0bf9c

vendor-advisory

x_refsource_FEDORA

SUSE-SU-2016:1291

vendor-advisory

x_refsource_SUSE

vendor-advisory

x_refsource_DEBIAN

https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0084

x_refsource_MISC

20160429 [slackware-security] ntp (SSA:2016-120-01)

mailing-list

x_refsource_BUGTRAQ

SUSE-SU-2016:1568

vendor-advisory

x_refsource_SUSE

20160429 [slackware-security] ntp (SSA:2016-120-01)

mailing-list

x_refsource_BUGTRAQ

SUSE-SU-2016:1278

vendor-advisory

x_refsource_SUSE

FEDORA-2016-ed8c6c0426

vendor-advisory

x_refsource_FEDORA

https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf

x_refsource_CONFIRM

https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11

x_refsource_MISC

https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf

x_refsource_CONFIRM

https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11

x_refsource_MISC

https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.