F5 Networks BIG-IP : NTP vulnerabilities (K02360853)

Medium Nessus Plugin ID 97443

Synopsis

The remote device is missing a vendor-supplied security patch.

Description

CVE-2015-5194

The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

CVE-2015-5195 ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.

Impact

The ntpd process could stop responding, due to an uninitialized variable, when processing malformed configuration commands.

F5 has evaluated this vulnerability as having low impact to the BIG-IP product line for the following reasons :

This issue is not exposed in a BIG-IP system default configuration.

The configuration that exposes the issue is not recommended by F5.

Solution

Upgrade to one of the non-vulnerable versions listed in the F5 Solution K02360853.

See Also

https://support.f5.com/csp/article/K02360853

Plugin Details

Severity: Medium

ID: 97443

File Name: f5_bigip_SOL02360853.nasl

Version: 3.11

Type: local

Published: 2017/03/01

Updated: 2020/03/09

Dependencies: 76940

Risk Information

Risk Factor: Medium

CVSS v2.0

Base Score: 5

Temporal Score: 3.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P

Temporal Vector: CVSS2#E:U/RL:OF/RC:C

CVSS v3.0

Base Score: 7.5

Temporal Score: 6.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Temporal Vector: CVSS:3.0/E:U/RL:O/RC:C

Vulnerability Information

CPE: cpe:/a:f5:big-ip_access_policy_manager, cpe:/a:f5:big-ip_advanced_firewall_manager, cpe:/a:f5:big-ip_application_acceleration_manager, cpe:/a:f5:big-ip_application_security_manager, cpe:/a:f5:big-ip_application_visibility_and_reporting, cpe:/a:f5:big-ip_global_traffic_manager, cpe:/a:f5:big-ip_link_controller, cpe:/a:f5:big-ip_local_traffic_manager, cpe:/a:f5:big-ip_policy_enforcement_manager, cpe:/a:f5:big-ip_wan_optimization_manager, cpe:/a:f5:big-ip_webaccelerator, cpe:/h:f5:big-ip, cpe:/h:f5:big-ip_protocol_security_manager

Required KB Items: Host/local_checks_enabled, Host/BIG-IP/hotfix, Host/BIG-IP/modules, Host/BIG-IP/version

Exploit Available: false

Exploit Ease: No known exploits are available

Patch Publication Date: 2016/01/21

Vulnerability Publication Date: 2017/07/21

Reference Information

CVE: CVE-2015-5194, CVE-2015-5195