EulerOS 2.0 SP1 : ntp (EulerOS-SA-2017-1124)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote EulerOS host is missing multiple security updates.

Description :

According to the versions of the ntp packages installed, the EulerOS
installation on the remote host is affected by the following
vulnerabilities :

- ntpq in NTP before 4.2.8p7 allows remote attackers to
obtain origin timestamps and then impersonate peers via
unspecified vectors.(CVE-2015-8139)

- NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7
is enabled, allows remote attackers to cause a denial
of service (ntpd abort) by using the same IP address
multiple times in an unconfig directive.(CVE-2016-2516)

- The process_packet function in ntp_proto.c in ntpd in
NTP 4.x before 4.2.8p8 allows remote attackers to cause
a denial of service (peer-variable modification) by
sending spoofed packets from many source IP addresses
in a certain scenario, as demonstrated by triggering an
incorrect leap indication.(CVE-2016-4954)

- ntpd in NTP 4.x before 4.2.8p8, when autokey is
enabled, allows remote attackers to cause a denial of
service (peer-variable clearing and association outage)
by sending (1) a spoofed crypto-NAK packet or (2) a
packet with an incorrect MAC value at a certain
time.(CVE-2016-4955)

- ntpd in NTP 4.x before 4.2.8p8 allows remote attackers
to cause a denial of service (interleaved-mode
transition and time change) via a spoofed broadcast
packet. NOTE: this vulnerability exists because of an
incomplete fix for CVE-2016-1548.(CVE-2016-4956)

- Buffer overflow in the legacy Datum Programmable Time
Server (DPTS) refclock driver in NTP before 4.2.8p10
and 4.3.x before 4.3.94 allows local users to have
unspecified impact via a crafted /dev/datum
device.(CVE-2017-6462)

- NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows
remote authenticated users to cause a denial of service
(daemon crash) via an invalid setting in a :config
directive, related to the unpeer option.(CVE-2017-6463)

- NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows
remote attackers to cause a denial of service (ntpd
crash) via a malformed mode configuration
directive.(CVE-2017-6464)

Note that Tenable Network Security has extracted the preceding
description block directly from the EulerOS security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues.

See also :

http://www.nessus.org/u?a4cf89e7

Solution :

Update the affected ntp packages.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 5.3
(CVSS2#E:U/RL:OF/RC:C)
Public Exploit Available : false

Family: Huawei Local Security Checks

Nessus Plugin ID: 101310 ()

Bugtraq ID:

CVE ID: CVE-2015-8139
CVE-2016-2516
CVE-2016-4954
CVE-2016-4955
CVE-2016-4956
CVE-2017-6462
CVE-2017-6463
CVE-2017-6464

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now