ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.
The MITRE CVE dictionary describes this issue as:
Find out more about CVE-2016-4955 from the MITRE CVE dictionary dictionary and NIST NVD.
NOTE: The following CVSS v2 metrics and score provided are preliminary and subject to review.
| Base Score | 2.6 |
|---|---|
| Base Metrics | AV:N/AC:H/Au:N/C:N/I:N/A:P |
| Access Vector | Network |
| Access Complexity | High |
| Authentication | None |
| Confidentiality Impact | None |
| Integrity Impact | None |
| Availability Impact | Partial |
Find out more about Red Hat support for the Common Vulnerability Scoring System (CVSS).
| Platform | Package | State |
|---|---|---|
| Red Hat Enterprise Linux 7 | ntp | Fix deferred |
| Red Hat Enterprise Linux 6 | ntp | Fix deferred |
| Red Hat Enterprise Linux 5 | ntp | Will not fix |
Disable autokey authentication. Instead, configure ntp to use symmetric key authentication, or no authentication at all (if not required). To configure ntp with symmetric key authentication, follow the steps at https://access.redhat.com/solutions/393663
Vulmon