Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

This site is deprecated. Please CLICK HERE for latest updates

Short Name

 NTP:CRYPTO-NAK-AUTH-BYPASS

Severity

 Major

Recommended

 Yes

Recommended Action

 Drop

Category

 NTP

Keywords

 Network Time Protocol Daemon crypto-NAK Authentication Bypass

Release Date

 2016/02/08

Update Number

 2642

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+

NTP: Network Time Protocol Daemon crypto-NAK Authentication Bypass


This signature detects attempts to exploit a known vulnerability against NTP Daemon. The vulnerability is due to improper validation of crypto-NAK packets that leads to an NTP Symmetric association to be established with an unauthorized peer. A remote, unauthenticated attacker can exploit this vulnerability by sending a crafted crypto-NAK NTP packet to the vulnerable service. Successful exploitation will let the attacker change the time on the target system, resulting in a policy bypass and potentially other security vulnerabilities.

Extended Description

Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.

Affected Products

  • Debian debian_linux 7.0
  • Debian debian_linux 8.0
  • Debian debian_linux 9.0
  • Netapp clustered_data_ontap -
  • Netapp data_ontap -
  • Netapp oncommand_balance -
  • Netapp oncommand_performance_manager -
  • Netapp oncommand_unified_manager -
  • Ntp ntp 4.2.5
  • Ntp ntp 4.2.6
  • Ntp ntp 4.2.7
  • Ntp ntp 4.2.7p444
  • Ntp ntp 4.2.8
  • Ntp ntp 4.3.0
  • Ntp ntp 4.3.1
  • Ntp ntp 4.3.10
  • Ntp ntp 4.3.11
  • Ntp ntp 4.3.12
  • Ntp ntp 4.3.13
  • Ntp ntp 4.3.14
  • Ntp ntp 4.3.15
  • Ntp ntp 4.3.16
  • Ntp ntp 4.3.17
  • Ntp ntp 4.3.18
  • Ntp ntp 4.3.19
  • Ntp ntp 4.3.2
  • Ntp ntp 4.3.20
  • Ntp ntp 4.3.21
  • Ntp ntp 4.3.22
  • Ntp ntp 4.3.23
  • Ntp ntp 4.3.24
  • Ntp ntp 4.3.25
  • Ntp ntp 4.3.26
  • Ntp ntp 4.3.27
  • Ntp ntp 4.3.28
  • Ntp ntp 4.3.29
  • Ntp ntp 4.3.3
  • Ntp ntp 4.3.30
  • Ntp ntp 4.3.31
  • Ntp ntp 4.3.32
  • Ntp ntp 4.3.33
  • Ntp ntp 4.3.34
  • Ntp ntp 4.3.35
  • Ntp ntp 4.3.36
  • Ntp ntp 4.3.37
  • Ntp ntp 4.3.38
  • Ntp ntp 4.3.39
  • Ntp ntp 4.3.4
  • Ntp ntp 4.3.40
  • Ntp ntp 4.3.41
  • Ntp ntp 4.3.42
  • Ntp ntp 4.3.43
  • Ntp ntp 4.3.44
  • Ntp ntp 4.3.45
  • Ntp ntp 4.3.46
  • Ntp ntp 4.3.47
  • Ntp ntp 4.3.48
  • Ntp ntp 4.3.49
  • Ntp ntp 4.3.5
  • Ntp ntp 4.3.50
  • Ntp ntp 4.3.51
  • Ntp ntp 4.3.52
  • Ntp ntp 4.3.53
  • Ntp ntp 4.3.54
  • Ntp ntp 4.3.55
  • Ntp ntp 4.3.56
  • Ntp ntp 4.3.57
  • Ntp ntp 4.3.58
  • Ntp ntp 4.3.59
  • Ntp ntp 4.3.6
  • Ntp ntp 4.3.60
  • Ntp ntp 4.3.61
  • Ntp ntp 4.3.62
  • Ntp ntp 4.3.63
  • Ntp ntp 4.3.64
  • Ntp ntp 4.3.65
  • Ntp ntp 4.3.66
  • Ntp ntp 4.3.67
  • Ntp ntp 4.3.68
  • Ntp ntp 4.3.69
  • Ntp ntp 4.3.7
  • Ntp ntp 4.3.70
  • Ntp ntp 4.3.71
  • Ntp ntp 4.3.72
  • Ntp ntp 4.3.73
  • Ntp ntp 4.3.74
  • Ntp ntp 4.3.75
  • Ntp ntp 4.3.76
  • Ntp ntp 4.3.8
  • Ntp ntp 4.3.9

References

  • CVE: CVE-2015-7871

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out