Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2016-0277)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 145615 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.1.10.2016.0277

Categoría: Mageia Linux Local Security Checks

Título: Mageia: Security Advisory (MGASA-2016-0277)

Resumen: The remote host is missing an update for the 'busybox, openntpd' package(s) announced via the MGASA-2016-0277 advisory.

Descripción: Summary:
The remote host is missing an update for the 'busybox, openntpd' package(s) announced via the MGASA-2016-0277 advisory.

Vulnerability Insight:
The busybox NTP implementation doesn't check the NTP mode of packets
received on the server port and responds to any packet with the right
size. This includes responses from another NTP server. An attacker can
send a packet with a spoofed source address in order to create an infinite
loop of responses between two busybox NTP servers. Adding more packets to
the loop increases the traffic between the servers until one of them has a
fully loaded CPU and/or network (CVE-2016-6301).

The affected code originated from openntpd, which had fixed it upstream,
but the fix had not made it into Mageia's openntpd package. It has also
been patched with the fix in this update.

Affected Software/OS:
'busybox, openntpd' package(s) on Mageia 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2016-6301
20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series
http://seclists.org/fulldisclosure/2019/Jun/18
20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series
https://seclists.org/bugtraq/2019/Jun/14
20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X
http://seclists.org/fulldisclosure/2019/Sep/7
https://seclists.org/bugtraq/2019/Sep/7
20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router & TC Cloud Client
http://seclists.org/fulldisclosure/2020/Mar/15
20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S
http://seclists.org/fulldisclosure/2020/Aug/20
92277
http://www.securityfocus.com/bid/92277
GLSA-201701-05
https://security.gentoo.org/glsa/201701-05
[oss-security] 20160803 CVE-2016-6301: busybox: NTP server denial of service flaw
http://www.openwall.com/lists/oss-security/2016/08/03/7
http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html
http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html
https://bugzilla.redhat.com/show_bug.cgi?id=1363710
https://git.busybox.net/busybox/commit/?id=150dc7a2b483b8338a3e185c478b4b23ee884e71

Copyright Copyright (C) 2022 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.1.10.2016.0277
Categoría:	Mageia Linux Local Security Checks
Título:	Mageia: Security Advisory (MGASA-2016-0277)
Resumen:	The remote host is missing an update for the 'busybox, openntpd' package(s) announced via the MGASA-2016-0277 advisory.
Descripción:	Summary: The remote host is missing an update for the 'busybox, openntpd' package(s) announced via the MGASA-2016-0277 advisory. Vulnerability Insight: The busybox NTP implementation doesn't check the NTP mode of packets received on the server port and responds to any packet with the right size. This includes responses from another NTP server. An attacker can send a packet with a spoofed source address in order to create an infinite loop of responses between two busybox NTP servers. Adding more packets to the loop increases the traffic between the servers until one of them has a fully loaded CPU and/or network (CVE-2016-6301). The affected code originated from openntpd, which had fixed it upstream, but the fix had not made it into Mageia's openntpd package. It has also been patched with the fix in this update. Affected Software/OS: 'busybox, openntpd' package(s) on Mageia 5. Solution: Please install the updated package(s). CVSS Score: 7.8 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:C
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2016-6301 20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series http://seclists.org/fulldisclosure/2019/Jun/18 20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series https://seclists.org/bugtraq/2019/Jun/14 20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X http://seclists.org/fulldisclosure/2019/Sep/7 https://seclists.org/bugtraq/2019/Sep/7 20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router & TC Cloud Client http://seclists.org/fulldisclosure/2020/Mar/15 20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S http://seclists.org/fulldisclosure/2020/Aug/20 92277 http://www.securityfocus.com/bid/92277 GLSA-201701-05 https://security.gentoo.org/glsa/201701-05 [oss-security] 20160803 CVE-2016-6301: busybox: NTP server denial of service flaw http://www.openwall.com/lists/oss-security/2016/08/03/7 http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html https://bugzilla.redhat.com/show_bug.cgi?id=1363710 https://git.busybox.net/busybox/commit/?id=150dc7a2b483b8338a3e185c478b4b23ee884e71
Copyright	Copyright (C) 2022 Greenbone AG