SecurityTracker.com
Category:   Device (Router/Bridge/Hub)  >   Brocade Switch
Vendors:   Brocade Communications Systems
(Brocade Communications Systems Issues Fix for Brocade 5400 and 5600 vRouters) ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service
SecurityTracker Alert ID:  1035942
SecurityTracker URL:  http://securitytracker.com/id/1035942
CVE Reference:   CVE-2015-7973, CVE-2015-7978
Date:  May 21 2016
Impact:   Denial of service via network, Disclosure of system information, Disclosure of user information, Modification of user information
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): Brocade 5400 and 5600 vRouters
Description:   Multiple vulnerabilities were reported in ntp. A remote user can cause denial of service conditions on the target system. A remote user can obtain potentially sensitive information on the target system. A remote user can impersonate ntp peers. Brocade 5400 and 5600 vRouters are affected.

A remote user can conduct a replay attack against authenticated broadcast mode packets [CVE-2015-7973].

A remote authenticated user can exploit a key check flaw to impersonate a peer [CVE-2015-7974].

A remote user can send specially crafted data to trigger a buffer overflow in the nextvar() function in ntpq and cause the target service to crash [CVE-2015-7975].

A remote authenticated user can send an ntpq saveconfig command with specially crafted filename characters to cause unintended results [CVE-2015-7976].

A remote user can send a specially crafted ntpdc reslist command to trigger a null pointer dereference and cause the target service to crash [CVE-2015-7977].

A remote user can send a specially crafted reslist command to consume all available stack memory [CVE-2015-7978].

A remote user can send a specially crafted broadcast mode packet to cause the target broadcast client to tear down the association with the broadcast server [CVE-2015-7979].

A remote server can send a specially crafted packet with an origin timestamp of zero to bypass the timestamp validation check in certain cases [CVE-2015-8138].

A remote user can send specially crafted data to trigger an infinite loop in ntpq [CVE-2015-8158].

A remote user can trigger an origin leak in ntpq and ntpdc to obtain potentially sensitive information [CVE-2015-8139].

A remote user on the local network may be able to conduct replay attacks against ntpq [CVE-2015-8140].

Cisco ASIG reported these vulnerabilities.

Impact:   A remote user can cause denial of service conditions.

A remote user can obtain potentially sensitive information on the target system.

A remote authenticated user can impersonate an ntp peer.

Solution:   Brocade Communications Systems has issued a fix for CVE-2015-7973 and CVE-2015-7978 for Brocade 5400 (6.7R13) and 5600 (5.0R1) vRouters.

The Brocade Communications Systems advisory is available at:

http://www.brocade.com/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2016-006.pdf

Vendor URL:  www.brocade.com/content/dam/common/documents/content-types/security-bulletin/brocade-security-advisory-2016-006.pdf
Cause:   Access control error, Authentication error, Boundary error

Message History:   This archive entry is a follow-up to the message listed below.
Jan 22 2016 ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service


