Network Time Protocol Daemon (ntpd) Information Disclosure

medium Nessus Plugin ID 84288

Synopsis

The remote NTP server is affected by an information disclosure vulnerability.

Description

The remote NTP server is affected by an information disclosure vulnerability due to improper validation of the 'vallen' value in extension fields in 'ntp_crypto.c'. This allows a remote attacker to disclose sensitive information.

Note that this plugin requires both the scanner IP and target IP to not go through Network Address Translation (NAT) when communicating with each other.

Solution

Upgrade to NTP version 4.2.8p1 or later.

See Also

http://support.ntp.org/bin/view/Main/SecurityNotice

Plugin Details

Severity: Medium

ID: 84288

File Name: ntp_cve-2014-9297.nbin

Version: 1.76

Type: remote

Family: Misc.

Published: 6/19/2015

Updated: 7/17/2024

Configuration: Enable paranoid mode

Supported Sensors: Nessus

Vulnerability Information

CPE: cpe:/a:ntp:ntp

Required KB Items: NTP/Running, Settings/ParanoidReport

Exploit Ease: No known exploits are available

Patch Publication Date: 2/4/2015

Vulnerability Publication Date: 12/19/2014

Reference Information

CVE: CVE-2014-9297

BID: 72583

CERT: 852879