Executive Summary

Summary
Title NTP vulnerabilities
Informations
Name USN-2567-1 First vendor Publication 2015-04-13
Vendor Ubuntu Last vendor Modification 2015-04-13
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:A/AC:M/Au:N/C:N/I:P/A:P)
Cvss Base Score 4.3 Attack Range Adjacent network
Cvss Impact Score 4.9 Attack Complexity Medium
Cvss Expoit Score 5.5 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A security issue affects these releases of Ubuntu and its derivatives:

- Ubuntu 14.10 - Ubuntu 14.04 LTS - Ubuntu 12.04 LTS

Summary:

Several security issues were fixed in NTP.

Software Description: - ntp: Network Time Protocol daemon and utility programs

Details:

Miroslav Lichvar discovered that NTP incorrectly validated MAC fields. A remote attacker could possibly use this issue to bypass authentication and spoof packets. (CVE-2015-1798)

Miroslav Lichvar discovered that NTP incorrectly handled certain invalid packets. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2015-1799)

Juergen Perlinger discovered that NTP incorrectly generated MD5 keys on big-endian platforms. This issue could either cause ntp-keygen to hang, or could result in non-random keys. (CVE number pending)

Update instructions:

The problem can be corrected by updating your system to the following package versions:

Ubuntu 14.10:
ntp 1:4.2.6.p5+dfsg-3ubuntu2.14.10.3

Ubuntu 14.04 LTS:
ntp 1:4.2.6.p5+dfsg-3ubuntu2.14.04.3

Ubuntu 12.04 LTS:
ntp 1:4.2.6.p3+dfsg-1ubuntu3.4

In general, a standard system update will make all the necessary changes.

References:
http://www.ubuntu.com/usn/usn-2567-1
CVE-2015-1798, CVE-2015-1799

Package Information:
https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu2.14.10.3
https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu2.14.04.3
https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p3+dfsg-1ubuntu3.4

Original Source

Url : http://www.ubuntu.com/usn/USN-2567-1

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-17 Code

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:28698
 
Oval ID: oval:org.mitre.oval:def:28698
Title: Symmetric-Key feature allows MAC address spoofing.
Description: The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC.
Family: unix Class: vulnerability
Reference(s): CVE-2015-1798
 Version: 3
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:28915
 
Oval ID: oval:org.mitre.oval:def:28915
Title: Symmetric-Key feature allows denial of service
Description: The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer.
Family: unix Class: vulnerability
Reference(s): CVE-2015-1799
 Version: 3
Platform(s): HP-UX 11
 Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29492
 
Oval ID: oval:org.mitre.oval:def:29492
Title: AIX 'NTPv4' vulnerability
Description: The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer.
Family: unix Class: vulnerability
Reference(s): CVE-2015-1799
 Version: 5
Platform(s): IBM AIX 6.1
IBM AIX 7.1
 Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 776

Nessus® Vulnerability Scanner

Date Description
2018-04-10 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20150408-ntpd-iosxe.nasl - Type : ACT_GATHER_INFO
2018-04-10 Name : The remote device is missing a vendor-supplied security patch.
File : cisco-sa-20150408-ntpd-ios.nasl - Type : ACT_GATHER_INFO
2016-08-29 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2016-1912-1.nasl - Type : ACT_GATHER_INFO
2016-06-01 Name : The remote device is affected by multiple vulnerabilities.
File : cisco_ace_A5_3_3.nasl - Type : ACT_GATHER_INFO
2015-12-22 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20151119_ntp_on_SL7_x.nasl - Type : ACT_GATHER_INFO
2015-12-02 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-2231.nasl - Type : ACT_GATHER_INFO
2015-11-24 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-2231.nasl - Type : ACT_GATHER_INFO
2015-11-20 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-2231.nasl - Type : ACT_GATHER_INFO
2015-09-25 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201509-01.nasl - Type : ACT_GATHER_INFO
2015-09-21 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16506.nasl - Type : ACT_GATHER_INFO
2015-08-25 Name : The remote AIX host is missing a security patch.
File : aix_IV74263.nasl - Type : ACT_GATHER_INFO
2015-08-25 Name : The remote AIX host is missing a security patch.
File : aix_IV74262.nasl - Type : ACT_GATHER_INFO
2015-08-25 Name : The remote AIX host is missing a security patch.
File : aix_IV74261.nasl - Type : ACT_GATHER_INFO
2015-08-25 Name : The remote AIX host is missing a security patch.
File : aix_IV73783.nasl - Type : ACT_GATHER_INFO
2015-08-04 Name : The remote Scientific Linux host is missing one or more security updates.
File : sl_20150722_ntp_on_SL6_x.nasl - Type : ACT_GATHER_INFO
2015-07-31 Name : The remote OracleVM host is missing one or more security updates.
File : oraclevm_OVMSA-2015-0102.nasl - Type : ACT_GATHER_INFO
2015-07-30 Name : The remote Oracle Linux host is missing one or more security updates.
File : oraclelinux_ELSA-2015-1459.nasl - Type : ACT_GATHER_INFO
2015-07-28 Name : The remote CentOS host is missing one or more security updates.
File : centos_RHSA-2015-1459.nasl - Type : ACT_GATHER_INFO
2015-07-23 Name : The remote Red Hat host is missing one or more security updates.
File : redhat-RHSA-2015-1459.nasl - Type : ACT_GATHER_INFO
2015-07-06 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-1173-1.nasl - Type : ACT_GATHER_INFO
2015-07-02 Name : The remote AIX host is missing a security patch.
File : aix_IV71096.nasl - Type : ACT_GATHER_INFO
2015-07-02 Name : The remote AIX host is missing a security patch.
File : aix_IV71094.nasl - Type : ACT_GATHER_INFO
2015-07-01 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_SecUpd2015-005.nasl - Type : ACT_GATHER_INFO
2015-07-01 Name : The remote host is missing a Mac OS X update that fixes multiple security vul...
File : macosx_10_10_4.nasl - Type : ACT_GATHER_INFO
2015-05-21 Name : The remote NTP server is affected by multiple vulnerabilities.
File : ntp_4_2_8p2.nasl - Type : ACT_GATHER_INFO
2015-05-20 Name : The remote SUSE host is missing one or more security updates.
File : suse_SU-2015-0865-1.nasl - Type : ACT_GATHER_INFO
2015-05-07 Name : The remote Amazon Linux AMI host is missing a security update.
File : ala_ALAS-2015-520.nasl - Type : ACT_GATHER_INFO
2015-04-29 Name : The remote Fedora host is missing a security update.
File : fedora_2015-5830.nasl - Type : ACT_GATHER_INFO
2015-04-28 Name : The remote openSUSE host is missing a security update.
File : openSUSE-2015-330.nasl - Type : ACT_GATHER_INFO
2015-04-24 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL16505.nasl - Type : ACT_GATHER_INFO
2015-04-23 Name : The remote Fedora host is missing a security update.
File : fedora_2015-5874.nasl - Type : ACT_GATHER_INFO
2015-04-23 Name : The remote Fedora host is missing a security update.
File : fedora_2015-5761.nasl - Type : ACT_GATHER_INFO
2015-04-22 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2015-111-08.nasl - Type : ACT_GATHER_INFO
2015-04-14 Name : The remote Ubuntu host is missing a security-related patch.
File : ubuntu_USN-2567-1.nasl - Type : ACT_GATHER_INFO
2015-04-14 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-3223.nasl - Type : ACT_GATHER_INFO
2015-04-13 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2015-202.nasl - Type : ACT_GATHER_INFO
2015-04-13 Name : The remote Debian host is missing a security update.
File : debian_DLA-192.nasl - Type : ACT_GATHER_INFO
2015-04-08 Name : The remote FreeBSD host is missing one or more security-related updates.
File : freebsd_pkg_ebd84c96dd7e11e4854e3c970e169bc2.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
Date Informations
2015-04-15 13:28:36
  • Multiple Updates
2015-04-13 21:25:43
  • First insertion