SecurityTracker.com
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 


Category:   Application (Generic)  >   ntp Vendors:   ntp.org
ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
SecurityTracker Alert ID:  1034782
SecurityTracker URL:  http://securitytracker.com/id/1034782
CVE Reference:   CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7976, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8138, CVE-2015-8139, CVE-2015-8140, CVE-2015-8158   (Links to External Site)
Date:  Jan 22 2016
Impact:   Denial of service via network, Disclosure of system information, Disclosure of user information, Modification of user information
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): prior to 4.2.8p6
Description:   Multiple vulnerabilities were reported in ntp. A remote user can cause denial of service conditions on the target system. A remote user can obtain potentially sensitive information on the target system. A remote user can impersonate ntp peers.

A remote user can conduct a replay attack against authenticated broadcast mode packets [CVE-2015-7973].

A remote authenticated user can exploit a key check flaw to impersonate a peer [CVE-2015-7974].

A remote user can send specially crafted data to trigger a buffer overflow in the nextvar() function in ntpq and cause the target service to crash [CVE-2015-7975].

A remote authenticated user can send an ntpq saveconfig command with specially crafted filename characters to cause unintended results [CVE-2015-7976].

A remote user can send a specially crafted ntpdc reslist command to trigger a null pointer dereference and cause the target service to crash [CVE-2015-7977].

A remote user can send a specially crafted reslist command to consume all available stack memory [CVE-2015-7978].

A remote user can send a specially crafted broadcast mode packet to cause the target broadcast client to tear down the association with the broadcast server [CVE-2015-7979].

A remote server can send a specially crafted packet with an origin timestamp of zero to bypass the timestamp validation check in certain cases [CVE-2015-8138].

A remote user can send specially crafted data to trigger an infinite loop in ntpq [CVE-2015-8158].

A remote user can trigger an origin leak in ntpq and ntpdc to obtain potentially sensitive information [CVE-2015-8139].

A remote user on the local network may be able to conduct replay attacks against ntpq [CVE-2015-8140].

Cisco ASIG reported these vulnerabilities.

Impact:   A remote user can cause denial of service conditions.

A remote user can obtain potentially sensitive information on the target system.

A remote authenticated user can impersonate an ntp peer.

Solution:   The vendor has issued a fix (4.2.8p6).

The vendor's advisory is available at:

http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit

Vendor URL:  support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit (Links to External Site)
Cause:   Access control error, Authentication error, Boundary error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Jan 25 2016 (Red Hat Issues Fix) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
Red Hat has issued a fix for Red Hat Enterprise Linux 6 and 7.
Jan 25 2016 (CentOS Issues Fix) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
CentOS has issued a fix for CentOS 6 and 7.
Jan 25 2016 (Oracle Issues Fix for Oracle Linux) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
Oracle has issued a fix for Oracle Linux 6 and 7.
Jan 29 2016 (FreeBSD Issues Fix) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
FreeBSD has issued a fix for FreeBSD 9.3, 10.1, and 10.2.
Mar 22 2016 (IBM Issues Fix for IBM Security Network Protection) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
IBM has issued a fix for IBM Security Network Protection 5.3.1 and 5.3.2.
May 6 2016 (Cisco Issues Advisory for Cisco Unified MeetingPlace) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
Cisco has issued an advisory for Cisco Unified MeetingPlace.
May 6 2016 (Cisco Issues Advisory for Cisco Jabber Guest) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
Cisco has issued an advisory for Cisco Jabber Guest.
May 10 2016 (Red Hat Issues Fix) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
Red Hat has issued a fix for Red Hat Enterprise Linux 6.
May 21 2016 (Brocade Communications Systems Issues Fix for Brocade 5400 and 5600 vRouters) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
Brocade Communications Systems has issued a fix for Brocade 5400 and 5600 vRouters.
May 31 2016 (Red Hat Issues Fix) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
Red Hat has issued a fix for Red Hat Enterprise Linux 6 and 7.
Jun 1 2016 (Oracle Issues Fix for Oracle Linux) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
Oracle has issued a fix for Oracle Linux 6 and 7.
Jun 9 2016 (IBM Issues Fix for IBM AIX) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
IBM has issued a fix for IBM AIX 5.3, 6.1, 7.1, and 7.2.
Aug 3 2016 (Red Hat Issues Fix) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
Red Hat has issued a fix for Red Hat Enterprise Linux 6.7.
Aug 19 2016 (Palo Alto Networks Issues Fix for Palo Alto PAN-OS) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
Palo Alto Networks has issued a fix for Palo Alto PAN-OS.
Sep 7 2016 (IBM Issues Fix for IBM AIX) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
IBM has issued a fix for IBM AIX 5.3, 6.1, 7.1, and 7.2.
Sep 13 2016 (IBM Issues Fix for IBM Security Access Manager) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
IBM has issued a fix for IBM Security Access Manager.
Oct 6 2016 (Ubuntu Issues Fix) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
Ubuntu has issued a fix for Ubuntu Linux 12.04 LTS, 14.04 LTS, and 16.04 LTS.
Nov 3 2016 (Red Hat Issues Fix) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
Red Hat has issued a fix for Red Hat Enterprise Linux 7.
Jun 21 2017 (IBM Issues Fix for IBM Flex System Manager) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
IBM has issued a fix for IBM Flex System Manager 1.3.2.0, 1.3.2.1, 1.3.3.0, and 1.3.4.0.
Jul 13 2017 (Juniper Issues Fix for Juniper Junos Space) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
Juniper has issued a fix for Juniper Junos Space.
Oct 26 2017 (Oracle Issues Fix for Oracle Linux) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
Oracle has issued a fix for Oracle Linux 6.



 Source Message Contents



[Original Message Not Available for Viewing]


Go to the Top of This SecurityTracker Archive Page





Home   |    View Topics   |    Search   |    Contact Us

This web site uses cookies for web analytics. Learn More

Copyright 2019, SecurityGlobal.net LLC