RHEL 6 / 7 : ntp (RHSA-2017:0252)

This script is Copyright (C) 2017 Tenable Network Security, Inc.


Synopsis :

The remote Red Hat host is missing one or more security updates.

Description :

An update for ntp is now available for Red Hat Enterprise Linux 6 and
Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security
impact of Moderate. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.

The Network Time Protocol (NTP) is used to synchronize a computer's
time with another referenced time source. These packages include the
ntpd service which continuously adjusts system time and utilities used
to query and configure the ntpd service.

Security Fix(es) :

* It was found that when ntp is configured with rate limiting for all
associations the limits are also applied to responses received from
its configured sources. A remote attacker who knows the sources can
cause a denial of service by preventing ntpd from accepting valid
responses from its sources. (CVE-2016-7426)

* A flaw was found in the control mode functionality of ntpd. A remote
attacker could send a crafted control mode packet which could lead to
information disclosure or result in DDoS amplification attacks.
(CVE-2016-9310)

* A flaw was found in the way ntpd implemented the trap service. A
remote attacker could send a specially crafted packet to cause a NULL
pointer dereference that will crash ntpd, resulting in a denial of
service. (CVE-2016-9311)

* A flaw was found in the way ntpd running on a host with multiple
network interfaces handled certain server responses. A remote attacker
could use this flaw which would cause ntpd to not synchronize with the
source. (CVE-2016-7429)

* A flaw was found in the way ntpd calculated the root delay. A remote
attacker could send a specially crafted spoofed packet to cause denial
of service or in some special cases even crash. (CVE-2016-7433)

See also :

https://www.redhat.com/security/data/cve/CVE-2016-7426.html
https://www.redhat.com/security/data/cve/CVE-2016-7429.html
https://www.redhat.com/security/data/cve/CVE-2016-7433.html
https://www.redhat.com/security/data/cve/CVE-2016-9310.html
https://www.redhat.com/security/data/cve/CVE-2016-9311.html
http://rhn.redhat.com/errata/RHSA-2017-0252.html

Solution :

Update the affected packages.

Risk factor :

High / CVSS Base Score : 7.1
(CVSS2#AV:N/AC:M/Au:N/C:N/I:N/A:C)
CVSS Temporal Score : 5.9
(CVSS2#E:F/RL:OF/RC:ND)
Public Exploit Available : true

Family: Red Hat Local Security Checks

Nessus Plugin ID: 97011 ()

Bugtraq ID:

CVE ID: CVE-2016-7426
CVE-2016-7429
CVE-2016-7433
CVE-2016-9310
CVE-2016-9311

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now