Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 =========================================================================== AUSCERT External Security Bulletin Redistribution ESB-2019.0744 ntp -- Crafted null dereference attack from a trusted source with an authenticated mode 6 packet 8 March 2019 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: ntp Publisher: FreeBSD Operating System: FreeBSD UNIX variants (UNIX, Linux, OSX) Impact/Access: Denial of Service -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2019-8936 Original Bulletin: http://www.vuxml.org/freebsd/c2576e14-36e2-11e9-9eda-206a8a720317.html Comment: This advisory references vulnerabilities in products which run on platforms other than FreeBSD. It is recommended that administrators running ntp check for an updated version of the software for their operating system. - --------------------------BEGIN INCLUDED TEXT-------------------- ntp -- Crafted null dereference attack from a trusted source with an authenticated mode 6 packet Affected packages ntp < 4.2.8p13 12.0 <= FreeBSD < 12.0_2 11.2 <= FreeBSD < 11.2_8 Details VuXML ID c2576e14-36e2-11e9-9eda-206a8a720317 Discovery 2019-01-15 Entry 2019-03-07 Network Time Foundation reports: A crafted malicious authenticated mode 6 (ntpq) packet from a permitted network address can trigger a NULL pointer dereference, crashing ntpd. Note that for this attack to work, the sending system must be on an address that the target's ntpd accepts mode 6 packets from, and must use a private key that is specifically listed as being used for mode 6 authorization. Impact: The ntpd daemon can crash due to the NULL pointer dereference, causing a denial of service. Mitigation: o Use restrict noquery to limit addresses that can send mode 6 queries. o Limit access to the private controlkey in ntp.keys. o Upgrade to 4.2.8p13, or later. [source] References CVE CVE-2019-8936 Name URL http://bugs.ntp.org/3565 URL http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8936 URL https://nvd.nist.gov/vuln-metrics/cvss/v2-calculator?vector=(AV:N/AC:H/ Au:M/C:N/I:N/A:C) URL https://nvd.nist.gov/vuln-metrics/cvss/v3-calculator?vector=AV:N/AC:H/ PR:H/UI:R/S:U/C:N/I:N/A:H - --------------------------END INCLUDED TEXT-------------------- You have received this e-mail bulletin as a result of your organisation's registration with AusCERT. The mailing list you are subscribed to is maintained within your organisation, so if you do not wish to continue receiving these bulletins you should contact your local IT manager. If you do not know who that is, please send an email to auscert@auscert.org.au and we will forward your request to the appropriate person. NOTE: Third Party Rights This security bulletin is provided as a service to AusCERT's members. As AusCERT did not write the document quoted above, AusCERT has had no control over its content. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. NOTE: This is only the original release of the security bulletin. It may not be updated when updates to the original are made. If downloading at a later date, it is recommended that the bulletin is retrieved directly from the author's website to ensure that the information is still current. Contact information for the authors of the original document is included in the Security Bulletin above. If you have any questions or need further information, please contact them directly. Previous advisories and external security bulletins can be retrieved from: https://www.auscert.org.au/bulletins/ =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBXIHwnWaOgq3Tt24GAQhkdRAAyulmFg5s3bDzNy/+U3nH4ex09xhRDrpn jC3Z7Pm0sz42QY5QKF7zVvsrhFJG8S7Pm9Z551fR2BXDaU4Rt5A+ZBQQp9ZYTq+p CfTsLRIC38kCjWsR3Bx8YD1Bc4beDKcEYCUFqgvNQcglPB6DCoNCP7MeHWRecinC 7vVtdZTyHaymWv6cMkfW2nSIOHwtn/rGzN9LRdCdt7E5ad0pYznNA71mcRB7MoHO a/gzrzJ3aaoGLtJwKrdzavVBLEamRgpjD/GJnUwhFKEeg6J5ck0WzKvwIKQ9vA6r NRwWK+QAym+hejina7jqYRi7//asavwVg6GMGTddDxP1AkULoBgbKBLDIFCYeNqQ VHYjV41an+ZFJfmdrnlE6j+anYImWZrRJVkOrHXugTLMJcVhmTu9smNkS8ERJazG jH8Q9fyGLidQ7/jxnNFzInQPQpPXBL5tKNwP94p/sjy1sQXcdIiMEuHQSF9+kVTv GN4kZg4Oj3CCi7n1jghPGL7YqYUHG7D1BGvDLuHjdN31TD1V7GNrAu80ZqwGxEuf Y/w2BnwyUR2fpMd9CdbGmKwi6fT1KfeNk+DFHvOWhoWvlGCuQjcZrU/D88kkvlz8 H6M4PppvtRkSoJjm2SduGl8JZJlfvi3BZfrBz2jWBc1VV8WY4Dnf33MhMNa4QgNm z3k9gWsW7wE= =+Vui -----END PGP SIGNATURE-----