openSUSE Security Update : ntp (openSUSE-2016-578)

This script is Copyright (C) 2016-2017 Tenable Network Security, Inc.


Synopsis :

The remote openSUSE host is missing a security update.

Description :

ntp was updated to version 4.2.8p6 to fix 12 security issues.

Also yast2-ntp-client was updated to match some sntp syntax changes.
(bsc#937837)

These security issues were fixed :

- CVE-2015-8158: Fixed potential infinite loop in ntpq
(bsc#962966).

- CVE-2015-8138: Zero Origin Timestamp Bypass
(bsc#963002).

- CVE-2015-7979: Off-path Denial of Service (DoS) attack
on authenticated broadcast mode (bsc#962784).

- CVE-2015-7978: Stack exhaustion in recursive traversal
of restriction list (bsc#963000).

- CVE-2015-7977: reslist NULL pointer dereference
(bsc#962970).

- CVE-2015-7976: ntpq saveconfig command allows dangerous
characters in filenames (bsc#962802).

- CVE-2015-7975: nextvar() missing length check
(bsc#962988).

- CVE-2015-7974: Skeleton Key: Missing key check allows
impersonation between authenticated peers (bsc#962960).

- CVE-2015-7973: Replay attack on authenticated broadcast
mode (bsc#962995).

- CVE-2015-8140: ntpq vulnerable to replay attacks
(bsc#962994).

- CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose
origin (bsc#962997).

- CVE-2015-5300: MITM attacker could have forced ntpd to
make a step larger than the panic threshold
(bsc#951629).

These non-security issues were fixed :

- fate#320758 bsc#975981: Enable compile-time support for
MS-SNTP (--enable-ntp-signd). This replaces the w32
patches in 4.2.4 that added the authreg directive.

- bsc#962318: Call /usr/sbin/sntp with full path to
synchronize in start-ntpd. When run as cron job,
/usr/sbin/ is not in the path, which caused the
synchronization to fail.

- bsc#782060: Speedup ntpq.

- bsc#916617: Add /var/db/ntp-kod.

- bsc#956773: Add ntp-ENOBUFS.patch to limit a warning
that might happen quite a lot on loaded systems.

- bsc#951559,bsc#975496: Fix the TZ offset output of sntp
during DST.

- Add ntp-fork.patch and build with threads disabled to
allow name resolution even when running chrooted.

This update was imported from the SUSE:SLE-12-SP1:Update update
project.

See also :

https://bugzilla.opensuse.org/show_bug.cgi?id=782060
https://bugzilla.opensuse.org/show_bug.cgi?id=916617
https://bugzilla.opensuse.org/show_bug.cgi?id=937837
https://bugzilla.opensuse.org/show_bug.cgi?id=951559
https://bugzilla.opensuse.org/show_bug.cgi?id=951629
https://bugzilla.opensuse.org/show_bug.cgi?id=956773
https://bugzilla.opensuse.org/show_bug.cgi?id=962318
https://bugzilla.opensuse.org/show_bug.cgi?id=962784
https://bugzilla.opensuse.org/show_bug.cgi?id=962802
https://bugzilla.opensuse.org/show_bug.cgi?id=962960
https://bugzilla.opensuse.org/show_bug.cgi?id=962966
https://bugzilla.opensuse.org/show_bug.cgi?id=962970
https://bugzilla.opensuse.org/show_bug.cgi?id=962988
https://bugzilla.opensuse.org/show_bug.cgi?id=962994
https://bugzilla.opensuse.org/show_bug.cgi?id=962995
https://bugzilla.opensuse.org/show_bug.cgi?id=962997
https://bugzilla.opensuse.org/show_bug.cgi?id=963000
https://bugzilla.opensuse.org/show_bug.cgi?id=963002
https://bugzilla.opensuse.org/show_bug.cgi?id=975496
https://bugzilla.opensuse.org/show_bug.cgi?id=975981

Solution :

Update the affected ntp packages.

Risk factor :

Medium / CVSS Base Score : 5.8
(CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P)

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now