FortiClient Vulnerability

Security Vulnerabilities fixed in NTP 2901

Description

An ntpd client that honors Kiss-of-Death responses will honor KoD messages that have been forged by an attacker, causing it to delay or stop querying its servers for time updates. Also, an attacker can forge packets that claim to be from the target and send them to servers often enough that a server that implements KoD rate limiting will send the target machine a KoD response to attempt to reduce the rate of incoming packets, or it may also trigger a firewall block at the server for packets from the target machine. For either of these attacks to succeed, the attacker must know what servers the target is communicating with. An attacker can be anywhere on the Internet and can frequently learn the identity of the target's time source by sending the target a time query.

Affected Applications

NTP

CVE References

CVE-2015-7705 CVE-2015-7704

Other References

http://support.ntp.org/bin/view/Main/NtpBug2901

ID	38899
Created	Jan 17, 2020
Description Updated	Dec 21, 2023
Risk
Coverage	FortiClient
OS	Linux
Vendor	NetworkTimeFoundation
Patch	manual
Application	NTP

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

FortiClient Vulnerability

Security Vulnerabilities fixed in NTP 2901

Description

Affected Applications

CVE References

Other References

News/Research

Research Center

PSIRT Center

Services

By Outbreak

By Solution

By Product

Protect

Detect

Respond

Recover

Identify

Network Security

Endpoint Security

Application Security

Security Operations

Threat Intelligence Center

Resource Center

About

FortiGuard Labs

Partners

FortiClient Vulnerability

Security Vulnerabilities fixed in NTP 2901

Description

Affected Applications

CVE References

Other References

Threat Intelligence
Center