NVD Vulnerability Detail

CVE-2016-1550

Summary	An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key.
Publication Date	Jan. 7, 2017, 6:59 a.m.
Registration Date	Jan. 26, 2021, 2:07 p.m.
Last Update	Nov. 21, 2024, 11:46 a.m.

CVSS3.0 : MEDIUM
スコア	5.3
Vector	CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃に必要な特権レベル(PR)	不要
利用者の関与(UI)	不要
影響の想定範囲(S)	変更なし
機密性への影響(C)	低
完全性への影響(I)	なし
可用性への影響(A)	なし

CVSS2.0 : MEDIUM
Score	5.0
Vector	AV:N/AC:L/Au:N/C:P/I:N/A:N
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	低
完全性への影響(I)	なし
可用性への影響(A)	なし
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1		or higher	or less	more than	less than
cpe:2.3:a:ntp:ntp:4.2.8:p4::::::

Related information, measures and tools

No	URL	タグ
1	http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.html
2	http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.html
3	http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184669.html
4	http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184669.html
5	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html
6	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html
7	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html
8	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html
9	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html
10	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html
11	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html
12	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html
13	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html
14	http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html
15	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
16	http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
17	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
18	http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
19	http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
20	http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
21	http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html
22	http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html
23	http://rhn.redhat.com/errata/RHSA-2016-1552.html
24	http://rhn.redhat.com/errata/RHSA-2016-1552.html
25	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd
26	http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd
27	http://www.debian.org/security/2016/dsa-3629
28	http://www.debian.org/security/2016/dsa-3629
29	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
30	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
31	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
32	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
33	http://www.securityfocus.com/archive/1/538233/100/0/threaded
34	http://www.securityfocus.com/archive/1/538233/100/0/threaded
35	http://www.securityfocus.com/archive/1/archive/1/538233/100/0/threaded
36	http://www.securityfocus.com/archive/1/archive/1/538233/100/0/threaded
37	http://www.securityfocus.com/bid/88261
38	http://www.securityfocus.com/bid/88261
39	http://www.securitytracker.com/id/1035705
40	http://www.securitytracker.com/id/1035705
41	http://www.talosintelligence.com/reports/TALOS-2016-0084/	Technical Description Third Party Advisory
42	http://www.talosintelligence.com/reports/TALOS-2016-0084/	Technical Description Third Party Advisory
43	http://www.ubuntu.com/usn/USN-3096-1
44	http://www.ubuntu.com/usn/USN-3096-1
45	https://access.redhat.com/errata/RHSA-2016:1141
46	https://access.redhat.com/errata/RHSA-2016:1141
47	https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf
48	https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf
49	https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
50	https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
51	https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc
52	https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc
53	https://security.gentoo.org/glsa/201607-15
54	https://security.gentoo.org/glsa/201607-15
55	https://security.netapp.com/advisory/ntap-20171004-0002/
56	https://security.netapp.com/advisory/ntap-20171004-0002/
57	https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
58	https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
59	https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11
60	https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11
61	https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19
62	https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19
63	https://www.debian.org/security/2016/dsa-3629
64	https://www.debian.org/security/2016/dsa-3629
65	https://www.kb.cert.org/vuls/id/718152
66	https://www.kb.cert.org/vuls/id/718152
67	https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0084
68	https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0084

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-200	情報漏えい	https://cwe.mitre.org/data/definitions/200.html

JVN Vulnerability Information

NTP の libntp のメッセージ認証機能におけるメッセージダイジェストの鍵の回復を試行される脆弱性

Title	NTP の libntp のメッセージ認証機能におけるメッセージダイジェストの鍵の回復を試行される脆弱性
Summary	NTP の libntp のメッセージ認証機能には、メッセージダイジェストの鍵の回復を試行される脆弱性が存在します。
Possible impacts	攻撃者により、一連の巧妙に細工されたメッセージを送信されることで、メッセージダイジェストの鍵の回復を試行される可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	April 26, 2016, midnight
Registration Date	Jan. 19, 2017, 10:56 a.m.
Last Update	June 10, 2021, 6:01 p.m.

Affected System

NTP Project

NTP 4.2.8p4 およびそれ以前

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2016-1550	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1550
National Vulnerability Database (NVD)
2	CVE-2016-1550	http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2016-1550

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-20	https://jvndb.jvn.jp/ja/cwe/CWE-20.html
2	CWE-200	https://jvndb.jvn.jp/ja/cwe/CWE-200.html

ベンダー情報

No	Name	URL
Oracle Critical Patch Update
1	Oracle Critical Patch Update Advisory - July 2016	http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
Oracle Technology Network
2	Oracle Linux Bulletin - April 2016	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
3	Oracle Solaris Third Party Bulletin - April 2016	http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html
Security Notice
4	April 2016 ntp-4.2.8p7 Security Vulnerability Announcement (Medium)	http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security
Talos Vulnerability Report
5	TALOS-2016-0084	http://www.talosintelligence.com/reports/TALOS-2016-0084/

その他

No	Name	URL
JVN
1	JVNVU#91176422	http://jvn.jp/vu/JVNVU91176422/
2	JVNVU#95781418	https://jvn.jp/vu/JVNVU95781418/index.html
3	JVNVU#96269392	https://jvn.jp/vu/JVNVU96269392/index.html
US-CERT Vulnerability Note
4	VU#718152	https://www.kb.cert.org/vuls/id/718152

Change Log

No	Changed Details	Date of change
1	[2021年04月16日] 参考情報：JVN (JVNVU#96269392) を追加	April 16, 2021, 3:06 p.m.
0	[2017年01月19日] 掲載	Feb. 17, 2018, 10:37 a.m.
2	[2021年06月10日] 参考情報：JVN (JVNVU#95781418) を追加	June 10, 2021, 12:26 p.m.