Detections
Analytics

OracleVM 3.3 / 3.4 : ntp (OVMSA-2016-0082)

high Nessus Plugin ID 91419

Language:

Synopsis

The remote OracleVM host is missing one or more security updates.

Description

The remote OracleVM system is missing necessary patches to address critical security updates :

 - don't allow spoofed packets to demobilize associations (CVE-2015-7979, CVE-2016-1547)

 - don't allow spoofed packet to enable symmetric interleaved mode (CVE-2016-1548)

 - check mode of new source in config command (CVE-2016-2518)

 - make MAC check resilient against timing attack (CVE-2016-1550)

 - don't accept server/peer packets with zero origin timestamp (CVE-2015-8138)

 - fix crash with reslist command (CVE-2015-7977, CVE-2015-7978)

 - fix crash with invalid logconfig command (CVE-2015-5194)

 - fix crash when referencing disabled statistic type (CVE-2015-5195)

 - don't hang in sntp with crafted reply (CVE-2015-5219)

 - don't crash with crafted autokey packet (CVE-2015-7691, CVE-2015-7692, CVE-2015-7702)

 - fix memory leak with autokey (CVE-2015-7701)

 - don't allow setting driftfile and pidfile remotely (CVE-2015-7703)

 - don't crash in ntpq with crafted packet (CVE-2015-7852)

 - add option to set Differentiated Services Code Point (DSCP) (#1228314)

 - extend rawstats log (#1242895)

 - fix resetting of leap status (#1243034)

 - report clock state changes related to leap seconds (#1242937)

 - allow -4/-6 on restrict lines with mask (#1232146)

 - retry joining multicast groups (#1288534)

 - explain synchronised state in ntpstat man page (#1286969)

 - check origin timestamp before accepting KoD RATE packet (CVE-2015-7704)

 - allow only one step larger than panic threshold with -g (CVE-2015-5300)

Solution

Update the affected ntp / ntpdate packages.

See Also

https://oss.oracle.com/pipermail/oraclevm-errata/2016-May/000470.html

https://oss.oracle.com/pipermail/oraclevm-errata/2016-May/000469.html

https://www.tenable.com/security/research/tra-2015-04

Plugin Details

Severity: High

ID: 91419

File Name: oraclevm_OVMSA-2016-0082.nasl

Version: 2.13

Type: local

Published: 6/1/2016

Updated: 1/4/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.4

CVSS v2

Risk Factor: Medium

Base Score: 6.4

Temporal Score: 4.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: p-cpe:/a:oracle:vm:ntp, p-cpe:/a:oracle:vm:ntpdate, cpe:/o:oracle:vm_server:3.3, cpe:/o:oracle:vm_server:3.4

Required KB Items: Host/local_checks_enabled, Host/OracleVM/release, Host/OracleVM/rpm-list

Exploit Ease: No known exploits are available

Patch Publication Date: 5/31/2016

Vulnerability Publication Date: 1/6/2017

Reference Information

CVE: CVE-2015-5194, CVE-2015-5195, CVE-2015-5219, CVE-2015-5300, CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7852, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8138, CVE-2016-1547, CVE-2016-1548, CVE-2016-1550, CVE-2016-2518