Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.871612
Category:Red Hat Local Security Checks
Title:RedHat Update for ntp RHSA-2016:0780-01
Summary:The remote host is missing an update for the 'ntp'; package(s) announced via the referenced advisory.
Description:Summary:
The remote host is missing an update for the 'ntp'
package(s) announced via the referenced advisory.

Vulnerability Insight:
The Network Time Protocol (NTP) is used to synchronize a computer's time
with another referenced time source. These packages include the ntpd
service which continuously adjusts system time and utilities used to query
and configure the ntpd service.

Security Fix(es):

* It was found that the fix for CVE-2014-9750 was incomplete: three issues
were found in the value length checks in NTP's ntp_crypto.c, where a packet
with particular autokey operations that contained malicious data was not
always being completely validated. A remote attacker could use a specially
crafted NTP packet to crash ntpd. (CVE-2015-7691, CVE-2015-7692,
CVE-2015-7702)

* A memory leak flaw was found in ntpd's CRYPTO_ASSOC. If ntpd was
configured to use autokey authentication, an attacker could send packets to
ntpd that would, after several days of ongoing attack, cause it to run out
of memory. (CVE-2015-7701)

* An off-by-one flaw, leading to a buffer overflow, was found in
cookedprint functionality of ntpq. A specially crafted NTP packet could
potentially cause ntpq to crash. (CVE-2015-7852)

* A NULL pointer dereference flaw was found in the way ntpd processed
'ntpdc reslist' commands that queried restriction lists with a large amount
of entries. A remote attacker could potentially use this flaw to crash
ntpd. (CVE-2015-7977)

* A stack-based buffer overflow flaw was found in the way ntpd processed
'ntpdc reslist' commands that queried restriction lists with a large amount
of entries. A remote attacker could use this flaw to crash ntpd.
(CVE-2015-7978)

* It was found that ntpd could crash due to an uninitialized variable when
processing malformed logconfig configuration commands. (CVE-2015-5194)

* It was found that ntpd would exit with a segmentation fault when a
statistics type that was not enabled during compilation (e.g. timingstats)
was referenced by the statistics or filegen configuration command.
(CVE-2015-5195)

* It was discovered that the sntp utility could become unresponsive due to
being caught in an infinite loop when processing a crafted NTP packet.
(CVE-2015-5219)

* It was found that NTP's :config command could be used to set the pidfile
and driftfile paths without any restrictions. A remote attacker could use
this flaw to overwrite a file on the file system with a file containing the
pid of the ntpd process (immediately) or the current estimated drift of the
system clock (in hourly intervals). (CVE-2015-7703)

The CVE-2015-5219 and CVE-2015-7703 issues were discovered by Miroslav
Lichvar (R ...

Description truncated, please see the referenced URL(s) for more information.

Affected Software/OS:
ntp on Red Hat Enterprise Linux Desktop (v. 6),
Red Hat Enterprise Linux Server (v. 6),
Red Hat Enterprise Linux Workstation (v. 6)

Solution:
Please Install the Updated Packages.

CVSS Score:
5.8

CVSS Vector:
AV:N/AC:M/Au:N/C:P/I:N/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-5194
BugTraq ID: 76475
http://www.securityfocus.com/bid/76475
Debian Security Information: DSA-3388 (Google Search)
http://www.debian.org/security/2015/dsa-3388
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html
http://www.openwall.com/lists/oss-security/2015/08/25/3
RedHat Security Advisories: RHSA-2016:0780
http://rhn.redhat.com/errata/RHSA-2016-0780.html
RedHat Security Advisories: RHSA-2016:2583
http://rhn.redhat.com/errata/RHSA-2016-2583.html
SuSE Security Announcement: SUSE-SU:2016:1311 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html
SuSE Security Announcement: SUSE-SU:2016:1912 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
SuSE Security Announcement: SUSE-SU:2016:2094 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
http://www.ubuntu.com/usn/USN-2783-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-5195
BugTraq ID: 76474
http://www.securityfocus.com/bid/76474
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-5219
BugTraq ID: 76473
http://www.securityfocus.com/bid/76473
SuSE Security Announcement: openSUSE-SU:2016:3280 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-12/msg00153.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-7691
BugTraq ID: 77274
http://www.securityfocus.com/bid/77274
https://security.gentoo.org/glsa/201607-15
http://www.securitytracker.com/id/1033951
Common Vulnerability Exposure (CVE) ID: CVE-2015-7692
BugTraq ID: 77285
http://www.securityfocus.com/bid/77285
Common Vulnerability Exposure (CVE) ID: CVE-2015-7701
BugTraq ID: 77281
http://www.securityfocus.com/bid/77281
Common Vulnerability Exposure (CVE) ID: CVE-2015-7702
BugTraq ID: 77286
http://www.securityfocus.com/bid/77286
Common Vulnerability Exposure (CVE) ID: CVE-2015-7703
BugTraq ID: 77278
http://www.securityfocus.com/bid/77278
Common Vulnerability Exposure (CVE) ID: CVE-2015-7852
BugTraq ID: 77288
http://www.securityfocus.com/bid/77288
Common Vulnerability Exposure (CVE) ID: CVE-2015-7977
BugTraq ID: 81815
http://www.securityfocus.com/bid/81815
CERT/CC vulnerability note: VU#718152
https://www.kb.cert.org/vuls/id/718152
Cisco Security Advisory: 20160120 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd
Debian Security Information: DSA-3629 (Google Search)
http://www.debian.org/security/2016/dsa-3629
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html
FreeBSD Security Advisory: FreeBSD-SA-16:09
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
http://www.securitytracker.com/id/1034782
SuSE Security Announcement: SUSE-SU-2016:1175 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html
SuSE Security Announcement: SUSE-SU-2016:1177 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html
SuSE Security Announcement: SUSE-SU-2016:1247 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html
SuSE Security Announcement: SUSE-SU-2016:1311 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:1912 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:2094 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:1292 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html
SuSE Security Announcement: openSUSE-SU-2016:1423 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
http://www.ubuntu.com/usn/USN-3096-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-7978
BugTraq ID: 81962
http://www.securityfocus.com/bid/81962
Common Vulnerability Exposure (CVE) ID: CVE-2014-9750
BugTraq ID: 72583
http://www.securityfocus.com/bid/72583
CERT/CC vulnerability note: VU#852879
http://www.kb.cert.org/vuls/id/852879
RedHat Security Advisories: RHSA-2015:1459
http://rhn.redhat.com/errata/RHSA-2015-1459.html
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.