Updated ntp packages fix security vulnerabilities
Publication date: 20 Dec 2014Type: security
Affected Mageia releases : 4
CVE: CVE-2014-9293 , CVE-2014-9294 , CVE-2014-9295 , CVE-2014-9296
Description
Updated ntp packages fix security vulnerabilities: If no authentication key is defined in the ntp.conf file, a cryptographically-weak default key is generated (CVE-2014-9293). ntp-keygen before 4.2.7p230 uses a non-cryptographic random number generator with a weak seed to generate symmetric keys (CVE-2014-9294). A remote unauthenticated attacker may craft special packets that trigger buffer overflows in the ntpd functions crypto_recv() (when using autokey authentication), ctl_putdata(), and configure(). The resulting buffer overflows may be exploited to allow arbitrary malicious code to be executed with the privilege of the ntpd process (CVE-2014-9295). A section of code in ntpd handling a rare error is missing a return statement, therefore processing did not stop when the error was encountered. This situation may be exploitable by an attacker (CVE-2014-9296). The ntp package has been patched to fix these issues.
References
- https://bugs.mageia.org/show_bug.cgi?id=14858
- http://support.ntp.org/bin/view/Main/SecurityNotice#Resolved_Vulnerabilities
- https://ics-cert.us-cert.gov/advisories/ICSA-14-353-01
- http://www.kb.cert.org/vuls/id/852879
- https://bugzilla.redhat.com/show_bug.cgi?id=1176032
- https://bugzilla.redhat.com/show_bug.cgi?id=1176035
- https://bugzilla.redhat.com/show_bug.cgi?id=1176037
- https://bugzilla.redhat.com/show_bug.cgi?id=1176040
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9295
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9296
SRPMS
4/core
- ntp-4.2.6p5-15.2.mga4