Public exploit available

Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2016-0727 — Ubuntu Linux vulnerability

CWE-26410 documents8 sources

Severity

7.8HIGHNVD

OSV6.5

EPSS

0.9%

top 24.53%

CISA KEV

Not in KEV

Exploit

PoC available

Public exploit / PoC exists

Affected products

NTP Debian NTP Canonical Ubuntu Linux

Timeline

PublishedApr 14

Latest updateMay 17

Description

The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubuntu 12.04 LTS, before 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10 on Ubuntu 14.04 LTS, on Ubuntu Wily, and before 1:4.2.8p4+dfsg-3ubuntu5.3 on Ubuntu 16.04 LTS allows local users with access to the ntp account to write to arbitrary files and consequently gain privileges via vectors involving statistics directory cleanup.

CVSS vector

CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:HExploitability: 1.8 | Impact: 5.9

Affected Packages3 packages

▶debiandebian/ntp< ntp 1:4.2.8p9+dfsg-2 (bullseye)

▶Debianntp/ntp< 1:4.2.8p9+dfsg-2

▶Ubuntuntp/ntp< 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10+1

Also affects: Ubuntu Linux 12.04, 14.04, 16.04

Patches

Patch: bugs.launchpad.net ↗Patch: bugs.launchpad.net ↗

🔴Vulnerability Details

GHSA

GHSA-c7qx-m9c7-8wm7: The crontab script in the ntp package before 1:4↗2022-05-17

▶

OSV

CVE-2016-0727: The crontab script in the ntp package before 1:4↗2017-04-14

▶

OSV

ntp vulnerabilities↗2016-10-05

▶

💥Exploits & PoCs

Exploit-DB

NTP - Local Privilege Escalation↗2016-01-21

▶

📋Vendor Advisories

Ubuntu

NTP vulnerabilities↗2016-10-05

▶

Red Hat

ntp: Privilege escalation via cronjob↗2016-01-21

▶

Debian

CVE-2016-0727: ntp - The crontab script in the ntp package before 1:4.2.6.p3+dfsg-1ubuntu3.11 on Ubun...↗2016

▶

💬Community

Bugzilla

CVE-2016-0727 ntp: Privilege escalation via cronjob↗2016-10-06

▶

Bugzilla

CVE-2016-0727 ntp: Privilege escalation via cronjob [fedora-all]↗2016-10-06

▶