Vulnerabilidad en la función process_packet en ntp_proto.c en ntpd en NTP (CVE-2016-4954)
Gravedad CVSS v3.1:
ALTA
Tipo:
CWE-362
Ejecución concurrente utilizando recursos compartidos con una incorrecta sincronización (Condición de carrera)
Fecha de publicación:
05/07/2016
Última modificación:
12/04/2025
Descripción
La función process_packet en ntp_proto.c en ntpd en NTP 4.x en versiones anteriores a 4.2.8p8 permite a atacantes remotos provocar una denegación de servicio (modificación de par variable) enviando paquetes falsificados desde muchas direcciones IP de origen en un determinado escenario, según lo demostrado desencadenando una indicación de salto incorrecta.
Impacto
Puntuación base 3.x
7.50
Gravedad 3.x
ALTA
Puntuación base 2.0
5.00
Gravedad 2.0
MEDIA
Productos y versiones vulnerables
| CPE | Desde | Hasta |
|---|---|---|
| cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:* | 4.2.0 (incluyendo) | 4.2.8 (excluyendo) |
| cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:* | 4.3.0 (incluyendo) | 4.3.93 (excluyendo) |
| cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:* | ||
| cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:* | ||
| cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:* | ||
| cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:* | ||
| cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:* | ||
| cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:* | ||
| cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:* | ||
| cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:* | ||
| cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:* | ||
| cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:* | ||
| cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:* | ||
| cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:* | ||
| cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:* |
Para consultar la lista completa de nombres de CPE con productos y versiones, ver esta página
Referencias a soluciones, herramientas e información
- http://bugs.ntp.org/3044
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00018.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00023.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00024.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00028.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00040.html
- http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
- http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html
- http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html
- http://support.ntp.org/bin/view/Main/NtpBug3044
- http://support.ntp.org/bin/view/Main/SecurityNotice
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd
- http://www.kb.cert.org/vuls/id/321640
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.securityfocus.com/archive/1/538599/100/0/threaded
- http://www.securityfocus.com/archive/1/538600/100/0/threaded
- http://www.securityfocus.com/archive/1/540683/100/0/threaded
- http://www.securityfocus.com/archive/1/archive/1/538599/100/0/threaded
- http://www.securityfocus.com/archive/1/archive/1/538600/100/0/threaded
- http://www.securityfocus.com/archive/1/archive/1/540683/100/0/threaded
- http://www.securitytracker.com/id/1036037
- http://www.ubuntu.com/usn/USN-3096-1
- https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03757en_us
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3EYJQHJZ2KTVQ7ICEFHXTLZ36MRASWX/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORAMN3Q7TVJ54MBYF75XCJOE3DP7LYHT/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNWGCQLW2VY72NIUYMJOCAKJKTXHDUK2/
- https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.asc
- https://security.gentoo.org/glsa/201607-15
- https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
- https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11
- https://www.kb.cert.org/vuls/id/321640
- http://bugs.ntp.org/3044
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00018.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00023.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00024.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00028.html
- http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00040.html
- http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
- http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
- http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html
- http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html
- http://support.ntp.org/bin/view/Main/NtpBug3044
- http://support.ntp.org/bin/view/Main/SecurityNotice
- http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd
- http://www.kb.cert.org/vuls/id/321640
- http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
- http://www.securityfocus.com/archive/1/538599/100/0/threaded
- http://www.securityfocus.com/archive/1/538600/100/0/threaded
- http://www.securityfocus.com/archive/1/540683/100/0/threaded
- http://www.securityfocus.com/archive/1/archive/1/538599/100/0/threaded
- http://www.securityfocus.com/archive/1/archive/1/538600/100/0/threaded
- http://www.securityfocus.com/archive/1/archive/1/540683/100/0/threaded
- http://www.securitytracker.com/id/1036037
- http://www.ubuntu.com/usn/USN-3096-1
- https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf
- https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03757en_us
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3EYJQHJZ2KTVQ7ICEFHXTLZ36MRASWX/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORAMN3Q7TVJ54MBYF75XCJOE3DP7LYHT/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNWGCQLW2VY72NIUYMJOCAKJKTXHDUK2/
- https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.asc
- https://security.gentoo.org/glsa/201607-15
- https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
- https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11
- https://www.kb.cert.org/vuls/id/321640