Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : ntp vulnerabilities (USN-2783-1)
High Nessus Plugin ID 86630
Synopsis
The remote Ubuntu host is missing a security-related patch.
Description
Aleksis Kauppinen discovered that NTP incorrectly handled certain remote config packets. In a non-default configuration, a remote authenticated attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. (CVE-2015-5146)
Miroslav Lichvar discovered that NTP incorrectly handled logconfig directives. In a non-default configuration, a remote authenticated attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. (CVE-2015-5194)
Miroslav Lichvar discovered that NTP incorrectly handled certain statistics types. In a non-default configuration, a remote authenticated attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. (CVE-2015-5195)
Miroslav Lichvar discovered that NTP incorrectly handled certain file paths. In a non-default configuration, a remote authenticated attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service, or overwrite certain files. (CVE-2015-5196, CVE-2015-7703)
Miroslav Lichvar discovered that NTP incorrectly handled certain packets. A remote attacker could possibly use this issue to cause NTP to hang, resulting in a denial of service. (CVE-2015-5219)
Aanchal Malhotra, Isaac E. Cohen, and Sharon Goldberg discovered that NTP incorrectly handled restarting after hitting a panic threshold. A remote attacker could possibly use this issue to alter the system time on clients. (CVE-2015-5300)
It was discovered that NTP incorrectly handled autokey data packets. A remote attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service, or possibly execute arbitrary code.
(CVE-2015-7691, CVE-2015-7692, CVE-2015-7702)
It was discovered that NTP incorrectly handled memory when processing certain autokey messages. A remote attacker could possibly use this issue to cause NTP to consume memory, resulting in a denial of service. (CVE-2015-7701)
Aanchal Malhotra, Isaac E. Cohen, and Sharon Goldberg discovered that NTP incorrectly handled rate limiting. A remote attacker could possibly use this issue to cause clients to stop updating their clock.
(CVE-2015-7704, CVE-2015-7705)
Yves Younan discovered that NTP incorrectly handled logfile and keyfile directives. In a non-default configuration, a remote authenticated attacker could possibly use this issue to cause NTP to enter a loop, resulting in a denial of service. (CVE-2015-7850)
Yves Younan and Aleksander Nikolich discovered that NTP incorrectly handled ascii conversion. A remote attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-7852)
Yves Younan discovered that NTP incorrectly handled reference clock memory. A malicious refclock could possibly use this issue to cause NTP to crash, resulting in a denial of service, or possibly execute arbitrary code. (CVE-2015-7853)
John D 'Doug' Birdwell discovered that NTP incorrectly handled decoding certain bogus values. An attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service.
(CVE-2015-7855)
Stephen Gray discovered that NTP incorrectly handled symmetric association authentication. A remote attacker could use this issue to possibly bypass authentication and alter the system clock.
(CVE-2015-7871)
In the default installation, attackers would be isolated by the NTP AppArmor profile.
Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
Solution
Update the affected ntp package.