CVE-2018-7182 — HIGH (7.5) — White Hats Nepal

Vulnerability Description

The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10.

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Ntp	Ntp	4.2.8
Canonical	Ubuntu Linux	17.10
Netapp	Element Software	-

Related Weaknesses (CWE)

CWE-125

References

http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-UpdaThird Party AdvisoryVDB Entry
http://support.ntp.org/bin/view/Main/NtpBug3412MitigationVendor Advisory
http://www.securityfocus.com/archive/1/541824/100/0/threadedThird Party AdvisoryVDB Entry
http://www.securityfocus.com/bid/103191Third Party AdvisoryVDB Entry
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.ascPatchThird Party Advisory
https://security.gentoo.org/glsa/201805-12Third Party Advisory
https://security.netapp.com/advisory/ntap-20180626-0001/Third Party Advisory
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpe
https://usn.ubuntu.com/3707-1/Third Party Advisory
https://www.exploit-db.com/exploits/45846/ExploitThird Party AdvisoryVDB Entry
https://www.synology.com/support/security/Synology_SA_18_13Third Party Advisory
http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-UpdaThird Party AdvisoryVDB Entry
http://support.ntp.org/bin/view/Main/NtpBug3412MitigationVendor Advisory
http://www.securityfocus.com/archive/1/541824/100/0/threadedThird Party AdvisoryVDB Entry
http://www.securityfocus.com/bid/103191Third Party AdvisoryVDB Entry

FAQ

What is CVE-2018-7182?

CVE-2018-7182 is a vulnerability with a CVSS score of 7.5 (HIGH). The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 th...

How severe is CVE-2018-7182?

CVE-2018-7182 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2018-7182?

Check the references section above for vendor advisories and patch information. Affected products include: Ntp Ntp, Canonical Ubuntu Linux, Netapp Element Software.