
Test ID: 1.3.6.1.4.1.25623.1.1.10.2016.0277
Category: Mageia Linux Local Security Checks
Title: Mageia: Security Advisory (MGASA-2016-0277)
Summary: The remote host is missing an update for the 'busybox, openntpd' package(s) announced via the MGASA-2016-0277 advisory.
Description:

Vulnerability Insight:
The busybox NTP implementation doesn't check the NTP mode of packets
received on the server port and responds to any packet with the right
size. This includes responses from another NTP server. An attacker can
send a packet with a spoofed source address in order to create an infinite
loop of responses between two busybox NTP servers. Adding more packets to
the loop increases the traffic between the servers until one of them has a
fully loaded CPU and/or network (CVE-2016-6301).

The affected code originated in openntpd. Upstream openntpd had already
fixed it, but the fix had not made it into Mageia's openntpd package, which
is also patched in this update.

Affected Software/OS:
'busybox, openntpd' package(s) on Mageia 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.8

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:C

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-6301
20190612 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series
http://seclists.org/fulldisclosure/2019/Jun/18
20190613 SEC Consult SA-20190612-0 :: Multiple vulnerabilities in WAGO 852 Industrial Managed Switch Series
https://seclists.org/bugtraq/2019/Jun/14
20190904 SEC Consult SA-20190904-0 :: Multiple vulnerabilities in Cisco router series RV34X, RV26X and RV16X
http://seclists.org/fulldisclosure/2019/Sep/7
https://seclists.org/bugtraq/2019/Sep/7
20200313 SEC Consult SA-20200312-0 :: Authenticated Command Injection in Phoenix Contact TC Router & TC Cloud Client
http://seclists.org/fulldisclosure/2020/Mar/15
20200827 SEC Consult SA-20200827-0 :: Multiple Vulnerabilities in ZTE mobile Hotspot MS910S
http://seclists.org/fulldisclosure/2020/Aug/20
BID: 92277
http://www.securityfocus.com/bid/92277
GLSA-201701-05
https://security.gentoo.org/glsa/201701-05
[oss-security] 20160803 CVE-2016-6301: busybox: NTP server denial of service flaw
http://www.openwall.com/lists/oss-security/2016/08/03/7
http://packetstormsecurity.com/files/153278/WAGO-852-Industrial-Managed-Switch-Series-Code-Execution-Hardcoded-Credentials.html
http://packetstormsecurity.com/files/154361/Cisco-Device-Hardcoded-Credentials-GNU-glibc-BusyBox.html
https://bugzilla.redhat.com/show_bug.cgi?id=1363710
https://git.busybox.net/busybox/commit/?id=150dc7a2b483b8338a3e185c478b4b23ee884e71
Copyright: Copyright (C) 2022 Greenbone AG

© 1998-2025 E-Soft Inc. All rights reserved.