ESB-2014.2476 - [Debian] ntp: Multiple vulnerabilities

Date: 22 December 2014
References: ESB-2014.2472  ESB-2014.2473  ESB-2014.2497  ESB-2014.2519  ESB-2015.0006  ESB-2015.0008  ESB-2015.0029  ESB-2015.0341  ESB-2015.0363  ESB-2015.0535  ESB-2015.2648

===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2014.2476
                            ntp security update
                             22 December 2014

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:           ntp
Publisher:         Debian
Operating System:  Debian GNU/Linux 7
Impact/Access:     Execute Arbitrary Code/Commands -- Remote/Unauthenticated
                   Denial of Service               -- Remote/Unauthenticated
                   Provide Misleading Information  -- Remote/Unauthenticated
                   Reduced Security                -- Remote/Unauthenticated
Resolution:        Patch/Upgrade
CVE Names:         CVE-2014-9296 CVE-2014-9295 CVE-2014-9294 CVE-2014-9293

Reference:         ESB-2014.2473
                   ESB-2014.2472

Original Bulletin: 
   http://www.debian.org/security/2014/dsa-3108

- --------------------------BEGIN INCLUDED TEXT--------------------

- - -------------------------------------------------------------------------
Debian Security Advisory DSA-3108-1                   security@debian.org
http://www.debian.org/security/                            Florian Weimer
December 20, 2014                      http://www.debian.org/security/faq
- - -------------------------------------------------------------------------

Package        : ntp
CVE ID         : CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296
Debian Bug     : 773576

Several vulnerabilities were discovered in the ntp package, an
implementation of the Network Time Protocol.

CVE-2014-9293

    ntpd generated a weak key for its internal use, with full
    administrative privileges.  Attackers could use this key to
    reconfigure ntpd (or to exploit other vulnerabilities).

CVE-2014-9294

    The ntp-keygen utility generated weak MD5 keys with insufficient
    entropy.

CVE-2014-9295

    ntpd had several buffer overflows (both on the stack and in the
    data section), allowing remote authenticated attackers to crash
    ntpd or potentially execute arbitrary code.

CVE-2014-9296

    The general packet processing function in ntpd did not handle an
    error case correctly.

The default ntpd configuration in Debian restricts access to localhost
(and possibly the adjacent network in the case of IPv6).

Keys explicitly generated by "ntp-keygen -M" should be regenerated.

For the stable distribution (wheezy), these problems have been fixed in
version 1:4.2.6.p5+dfsg-2+deb7u1.

We recommend that you upgrade your ntp packages.

Further information about Debian Security Advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://www.debian.org/security/

Mailing list: debian-security-announce@lists.debian.org

- --------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to auscert@auscert.org.au
and we will forward your request to the appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================