
Test ID: 1.3.6.1.4.1.25623.1.0.131203
Category: Mageia Linux Local Security Checks
Title: Mageia: Security Advisory (MGASA-2016-0039)
Summary: The remote host is missing an update for the 'ntp' package(s) announced via the MGASA-2016-0039 advisory.
Description:
Summary:
The remote host is missing an update for the 'ntp' package(s) announced via the MGASA-2016-0039 advisory.

Vulnerability Insight:
In ntpd before 4.2.8p6, when used with symmetric key encryption, the
client would accept packets encrypted with keys for any configured server,
allowing a server to impersonate other servers to clients, thus performing
a man-in-the-middle attack. A server can be attacked by a client in a
similar manner (CVE-2015-7974).

A NULL pointer dereference flaw was found in the way ntpd processed 'ntpdc
reslist' commands that queried restriction lists with a large amount of
entries. A remote attacker could use this flaw to crash the ntpd process
(CVE-2015-7977).

A stack-based buffer overflow was found in the way ntpd processed 'ntpdc
reslist' commands that queried restriction lists with a large amount of
entries. A remote attacker could use this flaw to crash the ntpd process
(CVE-2015-7978).

It was found that when NTP is configured in broadcast mode, an off-path
attacker could broadcast packets with bad authentication (wrong key,
mismatched key, incorrect MAC, etc.) to all clients. The clients, upon
receiving the malformed packets, would break the association with the
broadcast server. This could cause the time on affected clients to become
out of sync over a longer period of time (CVE-2015-7979).

A faulty protection against spoofing and replay attacks allows an attacker
to disrupt synchronization with kiss-of-death packets, take full control
of the clock, or cause ntpd to crash (CVE-2015-8138).

A flaw was found in the way the ntpq client processed certain incoming
packets in a loop in the getresponse() function. A remote attacker could
potentially use this flaw to crash an ntpq client instance
(CVE-2015-8158).

The ntp package has been patched to fix these issues and a few other bugs.

Note that there are still some unfixed issues. Two of those issues,
CVE-2015-8139 and CVE-2015-8140, are vulnerabilities to spoofing and
replay attacks that can be mitigated by either adding the noquery option
to all restrict entries in ntp.conf, configuring ntpd to get time from
multiple sources, or using a restriction list to limit who is allowed to
issue ntpq and ntpdc queries.

Additionally, the other unfixed issues can also be mitigated.
CVE-2015-7973, a replay attack issue, can be mitigated by not using
broadcast mode, and CVE-2015-7976, a bug that can cause globbing issues
on the server, can be mitigated by restricting use of the 'saveconfig'
command with the 'restrict nomodify' directive.

Affected Software/OS:
'ntp' package(s) on Mageia 5.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:P/A:N

Cross-reference: Common Vulnerability Exposure (CVE) ID: CVE-2015-7974
BugTraq ID: 81960
http://www.securityfocus.com/bid/81960
Debian Security Information: DSA-3629
http://www.debian.org/security/2016/dsa-3629
FreeBSD Security Advisory: FreeBSD-SA-16:09
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
https://security.gentoo.org/glsa/201607-15
http://www.talosintel.com/reports/TALOS-2016-0071/
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
RedHat Security Advisories: RHSA-2016:2583
http://rhn.redhat.com/errata/RHSA-2016-2583.html
http://www.securitytracker.com/id/1034782
Common Vulnerability Exposure (CVE) ID: CVE-2015-7977
BugTraq ID: 81815
http://www.securityfocus.com/bid/81815
CERT/CC vulnerability note: VU#718152
https://www.kb.cert.org/vuls/id/718152
Cisco Security Advisory: 20160120 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html
RedHat Security Advisories: RHSA-2016:0780
http://rhn.redhat.com/errata/RHSA-2016-0780.html
SuSE Security Announcement: SUSE-SU-2016:1175
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html
SuSE Security Announcement: SUSE-SU-2016:1177
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html
SuSE Security Announcement: SUSE-SU-2016:1247
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html
SuSE Security Announcement: SUSE-SU-2016:1311
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html
SuSE Security Announcement: SUSE-SU-2016:1912
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
SuSE Security Announcement: SUSE-SU-2016:2094
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
SuSE Security Announcement: openSUSE-SU-2016:1292
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html
SuSE Security Announcement: openSUSE-SU-2016:1423
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
http://www.ubuntu.com/usn/USN-3096-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-7978
BugTraq ID: 81962
http://www.securityfocus.com/bid/81962
Common Vulnerability Exposure (CVE) ID: CVE-2015-7979
BugTraq ID: 81816
http://www.securityfocus.com/bid/81816
RedHat Security Advisories: RHSA-2016:1141
https://access.redhat.com/errata/RHSA-2016:1141
RedHat Security Advisories: RHSA-2016:1552
http://rhn.redhat.com/errata/RHSA-2016-1552.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8138
BugTraq ID: 81811
http://www.securityfocus.com/bid/81811
Cisco Security Advisory: 20160428 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd
Cisco Security Advisory: 20161123 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: November 2016
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd
https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19
RedHat Security Advisories: RHSA-2016:0063
http://rhn.redhat.com/errata/RHSA-2016-0063.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-8158
BugTraq ID: 81814
http://www.securityfocus.com/bid/81814
Copyright: Copyright (C) 2016 Greenbone AG
