Talos Vulnerability Report


Network Time Protocol Remote Configuration Denial of Service Vulnerability

October 21, 2015
CVE Number



An exploitable denial of service vulnerability exists in the remote configuration functionality of the Network Time Protocol. A specially crafted configuration file could cause an endless loop, resulting in a denial of service. An attacker could provide a malicious configuration file to trigger this vulnerability.

Tested Versions

ntp 4.2.8p2

Product URLs



When sending a remote configuration file, an attacker can enable extended logging via the logconfig=allall setting. The attacker can also set the keys file in the same remote configuration. If the attacker sets the keys file to be the log file, key parsing goes into an endless loop: NTP logs an error for an invalid key during parsing, then parses that newly logged line as a key and logs the error again, continuing indefinitely.
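The feedback loop described above, with two defensive checks, as an added example that is not taken from this report or from the NTP code base. The reader, its line format, the message text, the file name and the names same_file, read_keys and demo are hypothetical; the guards shown are a same-file check before parsing and a cap on logged errors.

```c
#include <stdio.h>
#include <sys/stat.h>

/* 1 if both paths name the same file (device + inode), 0 if not, -1 on error. */
int same_file(const char *a, const char *b) {
    struct stat sa, sb;
    if (stat(a, &sa) != 0 || stat(b, &sb) != 0) return -1;
    return sa.st_dev == sb.st_dev && sa.st_ino == sb.st_ino;
}

/* Toy key reader (hypothetical, not ntpd's code). A valid line is
 * "<id> <type> <key>"; any other line is reported by appending to log_path.
 * Returns lines read, -1 if the guard refuses the file, -2 if the error
 * cap is reached, -3 on I/O error. */
int read_keys(const char *keys, const char *log_path, int guard, int max_err) {
    char line[256], type[16], key[64];
    int id, lines = 0, errors = 0;
    FILE *in, *log;
    if (guard && same_file(keys, log_path) == 1)
        return -1;                     /* keys file is also the log file */
    if ((in = fopen(keys, "r")) == NULL) return -3;
    while (fgets(line, sizeof line, in) != NULL) {
        lines++;
        if (sscanf(line, "%d %15s %63s", &id, type, key) == 3) continue;
        if (++errors > max_err) {      /* without a cap this never ends */
            fclose(in);
            return -2;
        }
        if ((log = fopen(log_path, "a")) != NULL) {
            fputs("keys: invalid line\n", log);  /* becomes the next input line */
            fclose(log);
        }
    }
    fclose(in);
    return lines;
}

/* Constructed input: one malformed line; the same path is keys and log file. */
int demo(int guard) {
    const char *path = "demo_ntp.keys";
    FILE *f = fopen(path, "w");
    int rc;
    if (f == NULL) return -3;
    fputs("not-a-key\n", f);
    fclose(f);
    rc = read_keys(path, path, guard, 100);
    remove(path);
    return rc;
}
```

With the guard off, a single malformed line keeps the reader running until the error cap stops it; with the guard on, the file is refused before any line is read.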


Yves Younan of Cisco Talos