FreeBSD : ntp -- multiple vulnerabilities (5237f5d7-c020-11e5-b397-d050996490d0)

high Nessus Plugin ID 88068


The remote FreeBSD host is missing one or more security-related updates.


Network Time Foundation reports :

NTF's NTP Project has been notified of the following low- and medium-severity vulnerabilities that are fixed in ntp-4.2.8p6, released on Tuesday, 19 January 2016 :

- Bug 2948 / CVE-2015-8158: Potential Infinite Loop in ntpq. Reported by Cisco ASIG.

- Bug 2945 / CVE-2015-8138: origin: Zero Origin Timestamp Bypass.
Reported by Cisco ASIG.

- Bug 2942 / CVE-2015-7979: Off-path Denial of Service (DoS) attack on authenticated broadcast mode. Reported by Cisco ASIG.

- Bug 2940 / CVE-2015-7978: Stack exhaustion in recursive traversal of restriction list. Reported by Cisco ASIG.

- Bug 2939 / CVE-2015-7977: reslist NULL pointer dereference. Reported by Cisco ASIG.

- Bug 2938 / CVE-2015-7976: ntpq saveconfig command allows dangerous characters in filenames. Reported by Cisco ASIG.

- Bug 2937 / CVE-2015-7975: nextvar() missing length check. Reported by Cisco ASIG.

- Bug 2936 / CVE-2015-7974: Skeleton Key: Missing key check allows impersonation between authenticated peers. Reported by Cisco ASIG.

- Bug 2935 / CVE-2015-7973: Deja Vu: Replay attack on authenticated broadcast mode. Reported by Cisco ASIG.

Additionally, mitigations are published for the following two issues :

- Bug 2947 / CVE-2015-8140: ntpq vulnerable to replay attacks.
Reported by Cisco ASIG.

- Bug 2946 / CVE-2015-8139: Origin Leak: ntpq and ntpdc, disclose origin. Reported by Cisco ASIG.


Update the affected packages.

See Also

Plugin Details

Severity: High

ID: 88068

File Name: freebsd_pkg_5237f5d7c02011e5b397d050996490d0.nasl

Version: 2.15

Type: local

Published: 1/22/2016

Updated: 1/4/2021

Supported Sensors: Nessus

Risk Information


Risk Factor: Medium

Score: 5.2


Risk Factor: Medium

Base Score: 5.8

Vector: CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:P


Risk Factor: High

Base Score: 7.7

Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:ntp, p-cpe:/a:freebsd:freebsd:ntp-devel, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 1/21/2016

Vulnerability Publication Date: 1/20/2016

Reference Information

CVE: CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7976, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8138, CVE-2015-8139, CVE-2015-8140, CVE-2015-8158

FreeBSD: SA-16:09.ntp