Test ID:	1.3.6.1.4.1.25623.1.0.106110
Category:	Web application abuses
Title:	Meinberg LANTIME < 6.20.005 Multiple Vulnerabilities (MBGSA-1604)
Summary:	Meinberg LANTIME NTP Timeserver devices are prone to multiple; vulnerabilities.
Description:	Summary: Meinberg LANTIME NTP Timeserver devices are prone to multiple vulnerabilities. Vulnerability Insight: The following flaws exist: - CVE-2016-3962: Remote stack buffer overflow vulnerability involving parsing of parameter in POST request in function provides privilege of web server 'nobody'. - CVE-2016-3988: Remote stack buffer overflow vulnerability is present while parsing nine different parameters in POST request in function. - CVE-2016-3989: Weak access controls allow for privilege escalation from 'nobody' to 'root' user. 'nobody' has permissions to alter script that can only run as 'root'. - CVE-2016-4953, CVE-2016-4954, CVE-2016-4955, CVE-2016-4956, CVE-2016-4957: Multiple vulnerabilities in NTP. Vulnerability Impact: Successful exploitation of these vulnerabilities could cause a buffer overflow condition that may allow escalation to root privileges. Affected Software/OS: Meinberg LANTIME devices with firmware versions prior to 6.20.005. Solution: Update to firmware version 6.20.005 or later. CVSS Score: 8.5 CVSS Vector: AV:N/AC:L/Au:S/C:C/I:C/A:N
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2016-3962 https://www.exploit-db.com/exploits/40120/ https://ics-cert.us-cert.gov/advisories/ICSA-16-175-03 Common Vulnerability Exposure (CVE) ID: CVE-2016-3988 Common Vulnerability Exposure (CVE) ID: CVE-2016-3989 Common Vulnerability Exposure (CVE) ID: CVE-2016-4953 BugTraq ID: 91010 http://www.securityfocus.com/bid/91010 Bugtraq: 20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp (Google Search) http://www.securityfocus.com/archive/1/538600/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/538600/100/0/threaded Bugtraq: 20160604 [slackware-security] ntp (SSA:2016-155-01) (Google Search) http://www.securityfocus.com/archive/1/538599/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/538599/100/0/threaded Bugtraq: 20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS) (Google Search) http://www.securityfocus.com/archive/1/540683/100/0/threaded http://www.securityfocus.com/archive/1/archive/1/540683/100/0/threaded CERT/CC vulnerability note: VU#321640 http://www.kb.cert.org/vuls/id/321640 https://www.kb.cert.org/vuls/id/321640 Cisco Security Advisory: 20160603 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: June 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd FreeBSD Security Advisory: FreeBSD-SA-16:24 https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.asc https://security.gentoo.org/glsa/201607-15 http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11 http://www.securitytracker.com/id/1036037 SuSE Security Announcement: SUSE-SU-2016:1563 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00018.html SuSE Security Announcement: SUSE-SU-2016:1568 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html SuSE Security Announcement: SUSE-SU-2016:1584 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00024.html SuSE Security Announcement: SUSE-SU-2016:1602 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00028.html SuSE Security Announcement: SUSE-SU-2016:1912 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html SuSE Security Announcement: SUSE-SU-2016:2094 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html SuSE Security Announcement: openSUSE-SU-2016:1583 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00023.html SuSE Security Announcement: openSUSE-SU-2016:1636 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00040.html Common Vulnerability Exposure (CVE) ID: CVE-2016-4954 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K3EYJQHJZ2KTVQ7ICEFHXTLZ36MRASWX/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORAMN3Q7TVJ54MBYF75XCJOE3DP7LYHT/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNWGCQLW2VY72NIUYMJOCAKJKTXHDUK2/ http://www.ubuntu.com/usn/USN-3096-1 Common Vulnerability Exposure (CVE) ID: CVE-2016-4955 BugTraq ID: 91007 http://www.securityfocus.com/bid/91007 Common Vulnerability Exposure (CVE) ID: CVE-2016-4956 BugTraq ID: 91009 http://www.securityfocus.com/bid/91009 Common Vulnerability Exposure (CVE) ID: CVE-2016-4957
Copyright	Copyright (C) 2016 Greenbone Networks GmbH

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.