Updated ntp packages fixes security vulnerabilities
Publication date: 25 Oct 2015Modification date: 25 Oct 2015
Type: security
Affected Mageia releases : 5
CVE: CVE-2015-5300 , CVE-2015-7701 , CVE-2015-7691 , CVE-2015-7692 , CVE-2015-7702 , CVE-2015-7704 , CVE-2015-7852 , CVE-2015-7871
Description
It was found that ntpd did not correctly implement the threshold
limitation for the '-g' option, which is used to set the time without any
restrictions.
A man-in-the-middle attacker able to intercept NTP traffic between a
connecting client and an NTP server could use this flaw to force that
client to make multiple steps larger than the panic threshold, effectively
changing the time to an arbitrary value at any time (CVE-2015-5300).
Slow memory leak in CRYPTO_ASSOC with autokey (CVE-2015-7701).
Incomplete autokey data packet length checks could result in crash caused
by a crafted packet (CVE-2015-7691, CVE-2015-7692, CVE-2015-7702).
Clients that receive a KoD should validate the origin timestamp field
(CVE-2015-7704).
ntpq atoascii() Memory Corruption Vulnerability could result in ntpd crash
caused by a crafted packet (CVE-2015-7852).
Symmetric association authentication bypass via crypto-NAK
(CVE-2015-7871).
References
- https://bugs.mageia.org/show_bug.cgi?id=16999
- http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5300
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7701
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7691
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7692
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7702
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7871
SRPMS
5/core
- ntp-4.2.6p5-24.2.mga5