NewStart CGSL MAIN 4.05 : ntp Multiple Vulnerabilities (NS-SA-2019-0114)
Medium Nessus Plugin ID 127353
SynopsisThe remote machine is affected by multiple vulnerabilities.
DescriptionThe remote NewStart CGSL host, running version MAIN 4.05, has ntp packages installed that are affected by multiple vulnerabilities:
- It was found that when ntp is configured with rate limiting for all associations the limits are also applied to responses received from its configured sources. A remote attacker who knows the sources can cause a denial of service by preventing ntpd from accepting valid responses from its sources.
- A flaw was found in the way ntpd running on a host with multiple network interfaces handled certain server responses. A remote attacker could use this flaw which would cause ntpd to not synchronize with the source.
- A flaw was found in the way ntpd calculated the root delay. A remote attacker could send a specially-crafted spoofed packet to cause denial of service or in some special cases even crash. (CVE-2016-7433)
- A flaw was found in the control mode functionality of ntpd. A remote attacker could send a crafted control mode packet which could lead to information disclosure or result in DDoS amplification attacks. (CVE-2016-9310)
- A flaw was found in the way ntpd implemented the trap service. A remote attacker could send a specially crafted packet to cause a null pointer dereference that will crash ntpd, resulting in a denial of service.
Note that Nessus has not tested for this issue but has instead relied only on the application's self-reported version number.
SolutionUpgrade the vulnerable CGSL ntp packages. Note that updated packages may not be available yet. Please contact ZTE for more information.