[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244625

 
 

909

 
 

193379

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

ALAS-2018-1009 ---- ntp

ID: oval:org.secpod.oval:def:1600883Date: (C)2018-05-15   (M)2024-03-15
Class: PATCHFamily: unix




Ephemeral association time spoofing additional protectionntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim#039;s clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-2016-1549 .Interleaved symmetric mode cannot recover from bad statentpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the received timestamp, which allows remote attackers to cause a denial of service by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704 .Ephemeral association time spoofingA malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim#039;s clock.Buffer read overrun leads information leak in ctl_getitemThe ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10. Unauthenticated packet can reset authenticated interleaved associationThe protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service by continually sending a packet with a zero-origin timestamp and source IP address of the other side of an interleaved association causing the victim ntpd to reset its association.decodearr can write beyond its buffer limitBuffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array.

Platform:
Amazon Linux AMI
Product:
ntp
Reference:
ALAS-2018-1009
CVE-2018-7185
CVE-2018-7184
CVE-2018-7183
CVE-2018-7182
CVE-2018-7170
CVE-2016-1549
CVE-2013-5211
CVE    7
CVE-2016-1549
CVE-2013-5211
CVE-2018-7170
CVE-2018-7182
...
CPE    546
cpe:/a:ntp:ntp:4.2.7:p159
cpe:/a:ntp:ntp:4.2.7:p157
cpe:/a:ntp:ntp:4.2.7:p278
cpe:/a:ntp:ntp:4.2.7:p399
...

© SecPod Technologies