Описание
Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.
Multiple buffer overflow flaws were discovered in ntpd's crypto_recv(), ctl_putdata(), and configure() functions. A remote attacker could use either of these flaws to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the ntp user. Note: the crypto_recv() flaw requires non default configurations to be active, while the ctl_putdata() flaw, by default, can only be exploited via local attackers, and the configure() flaw requires additional authentication to exploit.
Меры по смягчению последствий
Add these lines (included by default starting with Red Hat Enterprise Linux 5) to the configuration file /etc/ntp.conf: restrict default kod nomodify notrap nopeer noquery restrict -6 default kod nomodify notrap nopeer noquery restrict 127.0.0.1 restrict -6 ::1 This restricts server-type functionality to localhost. If ntpd needs to perform time service for specific hosts and networks, you have to list them with suitable restrict statements.
Затронутые пакеты
| Платформа | Пакет | Состояние | Рекомендация | Релиз |
|---|---|---|---|---|
| Red Hat Enterprise Linux 4 | ntp | Will not fix | ||
| Red Hat Enterprise Linux 5 | ntp | Fixed | RHSA-2014:2025 | 20.12.2014 |
| Red Hat Enterprise Linux 6 | ntp | Fixed | RHSA-2014:2024 | 20.12.2014 |
| Red Hat Enterprise Linux 6.5 Extended Update Support | ntp | Fixed | RHSA-2015:0104 | 28.01.2015 |
| Red Hat Enterprise Linux 7 | ntp | Fixed | RHSA-2014:2024 | 20.12.2014 |
Показывать по
Дополнительная информация
Статус:
6.8 Medium
CVSS2
Связанные уязвимости
Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.
Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.
Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allo ...
Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.
Уязвимость микропрограммного обеспечения системы коммуникаций Cisco Unified Communications Manager, позволяющая удаленному злоумышленнику выполнить произвольный код
6.8 Medium
CVSS2