Connect with us

Hi, what are you looking for?



Audit Finds Over a Dozen NTP Vulnerabilities

Researchers at Germany-based security firm Cure53 have conducted a 32-day audit of the Network Time Protocol (NTP) and the NTPsec project and discovered more than a dozen vulnerabilities.

Researchers at Germany-based security firm Cure53 have conducted a 32-day audit of the Network Time Protocol (NTP) and the NTPsec project and discovered more than a dozen vulnerabilities.

Experts identified a total of 16 security-related issues, including 8 weaknesses that only affect NTP and two that only impact NTPsec, which is meant to be a secure, hardened and improved implementation of NTP. Cure53 has published separate reports focusing on the NTP and NTPsec problems.

The Network Time Foundation addressed the flaws earlier this month with the release of ntp-4.2.8p10.

Cure53 has classified one vulnerability as being critical. CVE-2017-6460, which only affects NTP, has been described as a stack-based buffer overflow that can be triggered by a malicious server when a client requests the restriction list. The flaw can be exploited to cause a crash and possibly to execute arbitrary code.

The security holes rated by Cure53 as high severity are CVE-2017-6463 and CVE-2017-6464, both of which can be exploited for DoS attacks.

It’s worth noting that while some of the vulnerabilities have been classified as critical and high severity by Cure53, NTP developers have only assigned medium, low and informational-level severity ratings to the discovered flaws.

Ntp-4.2.8p10 patches a total of 15 vulnerabilities and also includes just as many non-security fixes and improvements. Of the 15 security holes resolved in the latest version, 14 were discovered by Cure53, which also noticed that a flaw initially patched in December 2014 was reintroduced in November 2016.

One of the vulnerabilities fixed in ntp-4.2.8p10 was reported by researchers at Cisco Talos. Experts identified a DoS vulnerability affecting the origin timestamp check functionality. The company has published a blog post and a technical advisory describing the issue.

Advertisement. Scroll to continue reading.

This is not the only audit conducted recently by Cure53. In the past months, the company also analyzed the cURL data transfer tool and the Dovecot email server.

Related: NTP Servers Exposed to Long-Distance Wireless Attacks

Related: Several DoS Vulnerabilities Patched in NTP

Related: High Severity DoS Vulnerability Patched in NTP

Written By

Eduard Kovacs (@EduardKovacs) is a managing editor at SecurityWeek. He worked as a high school IT teacher for two years before starting a career in journalism as Softpedia’s security news reporter. Eduard holds a bachelor’s degree in industrial informatics and a master’s degree in computer techniques applied in electrical engineering.

Click to comment


Daily Briefing Newsletter

Subscribe to the SecurityWeek Email Briefing to stay informed on the latest threats, trends, and technology, along with insightful columns from industry experts.

Gain valuable insights from industry professionals who will help guide you through the intricacies of industrial cybersecurity.


Join us for an in depth exploration of the critical nature of software and vendor supply chain security issues with a focus on understanding how attacks against identity infrastructure come with major cascading effects.


Expert Insights

Related Content


Less than a week after announcing that it would suspended service indefinitely due to a conflict with an (at the time) unnamed security researcher...

Data Breaches

OpenAI has confirmed a ChatGPT data breach on the same day a security firm reported seeing the use of a component affected by an...

IoT Security

A group of seven security researchers have discovered numerous vulnerabilities in vehicles from 16 car makers, including bugs that allowed them to control car...


A researcher at IOActive discovered that home security systems from SimpliSafe are plagued by a vulnerability that allows tech savvy burglars to remotely disable...

Risk Management

The supply chain threat is directly linked to attack surface management, but the supply chain must be known and understood before it can be...


Patch Tuesday: Microsoft calls attention to a series of zero-day remote code execution attacks hitting its Office productivity suite.


Patch Tuesday: Microsoft warns vulnerability (CVE-2023-23397) could lead to exploitation before an email is viewed in the Preview Pane.


The latest Chrome update brings patches for eight vulnerabilities, including seven reported by external researchers.