CVE-2016-5117

EUVD-2016-6068
OpenNTPD before 6.0p1 does not validate the CN for HTTPS constraint requests, which allows remote attackers to bypass the man-in-the-middle mitigations via a crafted timestamp constraint with a valid certificate.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTPrimary
5.9 MEDIUM
NETWORK
HIGH
NONE
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:N
Base Score
CVSS 3.x
EPSS Score
Percentile: 50%
Affected Products (NVD)
VendorProductVersion
openntpdopenntpd
𝑥
≤ 6.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
openntpd
bookworm
1:6.2p3-4.2
fixed
bullseye
1:6.2p3-4.2
fixed
jessie
not-affected
sid
1:6.2p3-4.2
fixed
trixie
1:6.2p3-4.2
fixed
wheezy
not-affected
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
openntpd
artful
ignored
bionic
not-affected
cosmic
not-affected
disco
not-affected
precise
ignored
trusty
not-affected
wily
ignored
xenial
not-affected
yakkety
ignored
zesty
ignored
Common Weakness Enumeration
References
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/ntpd/constraint.c.diff?r1=1.27&r2=1.28
http://www.openntpd.org/txt/release-6.0p1.txt
http://www.openwall.com/lists/oss-security/2016/05/23/2
http://www.openwall.com/lists/oss-security/2016/05/29/6
http://cvsweb.openbsd.org/cgi-bin/cvsweb/src/usr.sbin/ntpd/constraint.c.diff?r1=1.27&r2=1.28
http://www.openntpd.org/txt/release-6.0p1.txt
http://www.openwall.com/lists/oss-security/2016/05/23/2
http://www.openwall.com/lists/oss-security/2016/05/29/6