Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

suse-cvrf логотип

SUSE-SU-2015:0259-3

Опубликовано: 21 июл. 2014
Источник: suse-cvrf

Описание

Security update for ntp

The NTP time service could have been used for remote denial of service amplification attacks.

This issue can be fixed by the administrator as we described in our security advisory SUSE-SA:2014:001

http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00005.html http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00005.html

and on

http://support.novell.com/security/cve/CVE-2013-5211.html http://support.novell.com/security/cve/CVE-2013-5211.html

this update now also replaces the default ntp.conf template to fix this problem.

Please note that if you have touched or modified ntp.conf yourself, it will not be automatically fixed, you need to merge the changes manually as described.

Additionally the following bug has been fixed:

* ntp start script does not update /var/lib/ntp/etc/localtime file if /etc/localtime is symlink (bnc#838458)

Security Issues:

* CVE-2013-5211 <http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-5211>

Список пакетов

SUSE Linux Enterprise Server 11 SP1-LTSS
ntp-4.2.4p8-1.24.1
ntp-doc-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-TERADATA
ntp-4.2.4p8-1.24.1
ntp-doc-4.2.4p8-1.24.1

Ссылки

Описание

The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP1-LTSS:ntp-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-LTSS:ntp-doc-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-TERADATA:ntp-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-TERADATA:ntp-doc-4.2.4p8-1.24.1
Ссылки

Описание

The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP1-LTSS:ntp-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-LTSS:ntp-doc-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-TERADATA:ntp-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-TERADATA:ntp-doc-4.2.4p8-1.24.1
Ссылки

Описание

util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP1-LTSS:ntp-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-LTSS:ntp-doc-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-TERADATA:ntp-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-TERADATA:ntp-doc-4.2.4p8-1.24.1
Ссылки

Описание

Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP1-LTSS:ntp-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-LTSS:ntp-doc-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-TERADATA:ntp-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-TERADATA:ntp-doc-4.2.4p8-1.24.1
Ссылки

Описание

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9750, CVE-2014-9751. Reason: this ID was intended for one issue, but was associated with two issues. Notes: All CVE users should consult CVE-2014-9750 and CVE-2014-9751 to identify the ID or IDs of interest. All references and descriptions in this candidate have been removed to prevent accidental usage

Затронутые продукты
SUSE Linux Enterprise Server 11 SP1-LTSS:ntp-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-LTSS:ntp-doc-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-TERADATA:ntp-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-TERADATA:ntp-doc-4.2.4p8-1.24.1
Ссылки

Описание

DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9750, CVE-2014-9751. Reason: this ID was intended for one issue, but was associated with two issues. Notes: All CVE users should consult CVE-2014-9750 and CVE-2014-9751 to identify the ID or IDs of interest. All references and descriptions in this candidate have been removed to prevent accidental usage

Затронутые продукты
SUSE Linux Enterprise Server 11 SP1-LTSS:ntp-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-LTSS:ntp-doc-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-TERADATA:ntp-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-TERADATA:ntp-doc-4.2.4p8-1.24.1
Ссылки

Описание

The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP1-LTSS:ntp-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-LTSS:ntp-doc-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-TERADATA:ntp-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-TERADATA:ntp-doc-4.2.4p8-1.24.1
Ссылки

Описание

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.

Затронутые продукты
SUSE Linux Enterprise Server 11 SP1-LTSS:ntp-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-LTSS:ntp-doc-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-TERADATA:ntp-4.2.4p8-1.24.1
SUSE Linux Enterprise Server 11 SP1-TERADATA:ntp-doc-4.2.4p8-1.24.1
Ссылки