AIX 7.1 TL 4 : bos.net.tcp.client (U868958)

high Nessus Plugin ID 91235
New! Plugin Severity Now Using CVSS v3

The calculated severity for Plugins has been updated to use CVSS v3 by default. Plugins that do not have a CVSS v3 score will fall back to CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Synopsis

The remote AIX host is missing a vendor-supplied security patch.

Description

The remote host is missing AIX PTF U868958, which is related to the security of the package bos.net.tcp.client.

Network Time Protocol (NTP) is vulnerable to a denial of service, caused by an error in the sntp program. By sending specially crafted NTP packets, a remote attacker from within the local network could exploit this vulnerability to cause the application to enter into an infinite loop. Network Time Protocol (NTP) is vulnerable to a denial of service, caused by an error in ntp_crypto.c. An attacker could exploit this vulnerability using a packet containing an extension field with an invalid value for the length of its value field to cause ntpd to crash. Network Time Protocol (NTP) is vulnerable to a denial of service, caused by an error in ntp_crypto.c. An attacker could exploit this vulnerability using a packet containing an extension field with an invalid value for the length of its value field to cause ntpd to crash. Network Time Protocol (NTP) could allow a remote attacker to obtain sensitive information, caused by a memory leak in CRYPTO_ASSOC. An attacker could exploit this vulnerability to obtain sensitive information. Network Time Protocol (NTP) is vulnerable to a denial of service, caused by an error in ntp_crypto.c. An attacker could exploit this vulnerability using a packet containing an extension field with an invalid value for the length of its value field to cause ntpd to crash. Network Time Protocol (NTP) is vulnerable to a denial of service, caused by an error in the remote configuration functionality. By sending a specially crafted configuration file, an attacker could exploit this vulnerability to cause the application to enter into an infinite loop. Network Time Protocol (NTP) is vulnerable to a buffer overflow, caused by improper bounds checking by the refclock of ntpd. By sending an overly long string, a remote attacker could overflow a buffer and execute arbitrary code on the system or cause the application to crash.
Network Time Protocol (NTP) is vulnerable to a denial of service, caused by ASSERT botch instead of returning FAIL on some invalid values by the decodenetnum() function. An attacker could exploit this vulnerability to cause a denial of service.

ISC BIND is vulnerable to a denial of service, caused by an error in db.c when parsing incoming responses. A remote attacker could exploit this vulnerability to trigger a REQUIRE assertion failure and cause a denial of service.

ISC BIND is vulnerable to a denial of service, caused by improper bounds checking in apl_42.c. By sending specially crafted Address Prefix List (APL) data, a remote authenticated attacker could exploit this vulnerability to trigger an INSIST assertion failure and cause the named process to terminate.

Solution

Install the appropriate missing security-related fix.

See Also

http://www-01.ibm.com/support/docview.wss?uid=isg1IV79944

http://www-01.ibm.com/support/docview.wss?uid=isg1IV80191

http://www-01.ibm.com/support/docview.wss?uid=isg1IV81281

Plugin Details

Severity: High

ID: 91235

File Name: aix_U868958.nasl

Version: 2.3

Type: local

Published: 5/19/2016

Updated: 1/4/2021

Dependencies: ssh_get_info.nasl

Vulnerability Information

CPE: cpe:/o:ibm:aix:7.1

Required KB Items: Host/local_checks_enabled, Host/AIX/oslevel, Host/AIX/version, Host/AIX/lslpp

Patch Publication Date: 12/24/2015

Vulnerability Publication Date: 12/24/2015