Lucene search
This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.ALA_ALAS-2016-727.NASLHistoryAug 02, 2016 - 12:00 a.m.
Amazon Linux AMI : ntp (ALAS-2016-727)
2016-08-0200:00:00
This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
17
It was discovered that ntpq and ntpdc disclosed the origin timestamp to unauthenticated clients, which could permit such clients to forge the server’s replies. (CVE-2015-8139)
The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication. (CVE-2016-4954)
ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.
(CVE-2016-4955)
ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. This vulnerability exists because of an incomplete fix for CVE-2016-1548 . (CVE-2016-4956)
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Amazon Linux AMI Security Advisory ALAS-2016-727.
#
include("compat.inc");
if (description)
{
script_id(92662);
script_version("2.9");
script_set_attribute(attribute:"plugin_modification_date", value:"2020/06/22");
script_cve_id("CVE-2015-8139", "CVE-2016-4954", "CVE-2016-4955", "CVE-2016-4956");
script_xref(name:"ALAS", value:"2016-727");
script_name(english:"Amazon Linux AMI : ntp (ALAS-2016-727)");
script_summary(english:"Checks rpm output for the updated packages");
script_set_attribute(
attribute:"synopsis",
value:"The remote Amazon Linux AMI host is missing a security update."
);
script_set_attribute(
attribute:"description",
value:
"It was discovered that ntpq and ntpdc disclosed the origin timestamp
to unauthenticated clients, which could permit such clients to forge
the server's replies. (CVE-2015-8139)
The process_packet function in ntp_proto.c in ntpd in NTP 4.x before
4.2.8p8 allows remote attackers to cause a denial of service
(peer-variable modification) by sending spoofed packets from many
source IP addresses in a certain scenario, as demonstrated by
triggering an incorrect leap indication. (CVE-2016-4954)
ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote
attackers to cause a denial of service (peer-variable clearing and
association outage) by sending (1) a spoofed crypto-NAK packet or (2)
a packet with an incorrect MAC value at a certain time.
(CVE-2016-4955)
ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a
denial of service (interleaved-mode transition and time change) via a
spoofed broadcast packet. This vulnerability exists because of an
incomplete fix for CVE-2016-1548 . (CVE-2016-4956)"
);
script_set_attribute(
attribute:"see_also",
value:"https://alas.aws.amazon.com/ALAS-2016-727.html"
);
script_set_attribute(
attribute:"solution",
value:"Run 'yum update ntp' to update your system."
);
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:N");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ntp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ntp-debuginfo");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ntp-doc");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ntp-perl");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:amazon:linux:ntpdate");
script_set_attribute(attribute:"cpe", value:"cpe:/o:amazon:linux");
script_set_attribute(attribute:"vuln_publication_date", value:"2016/07/05");
script_set_attribute(attribute:"patch_publication_date", value:"2017/01/04");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/08/02");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2016-2020 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"Amazon Linux Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/AmazonLinux/release", "Host/AmazonLinux/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/AmazonLinux/release");
if (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, "Amazon Linux");
os_ver = pregmatch(pattern: "^AL(A|\d)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Amazon Linux");
os_ver = os_ver[1];
if (os_ver != "A")
{
if (os_ver == 'A') os_ver = 'AMI';
audit(AUDIT_OS_NOT, "Amazon Linux AMI", "Amazon Linux " + os_ver);
}
if (!get_kb_item("Host/AmazonLinux/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
flag = 0;
if (rpm_check(release:"ALA", reference:"ntp-4.2.6p5-41.32.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"ntp-debuginfo-4.2.6p5-41.32.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"ntp-doc-4.2.6p5-41.32.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"ntp-perl-4.2.6p5-41.32.amzn1")) flag++;
if (rpm_check(release:"ALA", reference:"ntpdate-4.2.6p5-41.32.amzn1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());
else security_warning(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ntp / ntp-debuginfo / ntp-doc / ntp-perl / ntpdate");
}
Related
amazon
amazon
Medium: ntp
2016-08-01 13:30:00
Medium: ntp
2016-06-02 18:06:00
fedora
fedora
[SECURITY] Fedora 24 Update: ntp-4.2.6p5-41.fc24
2016-06-18 19:39:53
[SECURITY] Fedora 22 Update: ntp-4.2.6p5-41.fc22
2016-07-02 19:29:35
[SECURITY] Fedora 23 Update: ntp-4.2.6p5-41.fc23
2016-07-02 19:36:52
mageia
mageia
Updated ntp packages fix security vulnerability
2016-06-08 00:39:50
Updated ntp packages fix security vulnerabilities
2016-05-14 00:54:49
Updated ntp packages fix security vulnerability
2016-01-29 14:02:50
openvas
openvas
Fedora Update for ntp FEDORA-2016-89e0874533
2016-07-10 00:00:00
Amazon Linux: Security Advisory (ALAS-2016-727)
2016-10-26 00:00:00
Mageia: Security Advisory (MGASA-2016-0219)
2022-01-28 00:00:00
nessus
nessus
Fedora 24 : ntp (2016-50b0066b7f)
2016-07-14 00:00:00
Fedora 23 : ntp (2016-89e0874533)
2016-07-15 00:00:00
Fedora 22 : ntp (2016-c3bd6a3496)
2016-07-15 00:00:00
archlinux
archlinux
ntp: distributed denial of service amplification
2016-06-04 00:00:00
suse
suse
Security update for ntp (important)
2016-06-15 14:08:23
Security update for ntp (important)
2016-06-20 21:07:55
Security update for ntp (important)
2016-06-13 18:37:46
ibm
ibm
cert
cert
NTP.org ntpd is vulnerable to denial of service and other vulnerabilities
2016-06-02 00:00:00
NTP.org ntpd contains multiple vulnerabilities
2016-04-27 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-16:24.ntp
2016-06-04 00:00:00
FreeBSD-SA-16:16.ntp
2016-04-29 00:00:00
FreeBSD-SA-16:09.ntp
2016-01-27 00:00:00
redhatcve
redhatcve
cve
cve
freebsd
freebsd
FreeBSD -- Multiple ntp vulnerabilities
2016-06-04 00:00:00
ntp -- multiple vulnerabilities
2016-01-20 00:00:00
ntp -- multiple vulnerabilities
2016-04-26 00:00:00
slackware
slackware
[slackware-security] ntp
2016-06-04 00:43:43
[slackware-security] ntp
2016-04-29 21:57:25
prion
prion
Design/Logic Flaw
2016-07-05 01:59:00
Design/Logic Flaw
2016-07-05 01:59:00
Code injection
2016-07-05 01:59:00
ubuntucve
ubuntucve
debiancve
debiancve
cisco
cisco
f5
f5
K64505405 : NTP vulnerability CVE-2016-4956
2016-06-16 00:00:00
K82644737 : NTP vulnerability CVE-2016-4954
2016-06-16 00:00:00
SOL82644737 - NTP vulnerability CVE-2016-4954
2016-06-16 00:00:00
talos
talos
seebug
seebug
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:34:28
ics
ics
Siemens SIMATIC NET CP 443-1 OPC UA
2021-06-08 12:00:00
Siemens TIM 4R-IE Devices
2021-04-13 12:00:00
cloudfoundry
cloudfoundry
USN-3096-1: NTP vulnerabilities | Cloud Foundry
2016-12-21 00:00:00
ubuntu
ubuntu
NTP vulnerabilities
2016-10-05 00:00:00
aix
aix
Vulnerabilities in NTP affect AIX,Vulnerabilities in NTP affect VIOS
2016-09-06 09:07:16
Vulnerabilities in NTP affect AIX,Vulnerabilities in NTP affect VIOS
2016-06-08 13:17:48
gentoo
gentoo
NTP: Multiple vulnerabilities
2016-07-20 00:00:00
centos
centos
ntp, ntpdate, sntp security update
2016-05-31 10:58:56
oraclelinux
oraclelinux
ntp security update
2016-05-31 00:00:00
redhat
redhat
(RHSA-2016:1141) Moderate: ntp security update
2016-05-31 05:04:27
(RHSA-2016:1552) Moderate: ntp security update
2016-08-03 04:36:58
rosalinux
rosalinux
Advisory ROSA-SA-2021-1932
2021-07-02 17:35:16
symantec
symantec
SA113 : January 2016 NTP Security Vulnerabilities
2016-03-03 08:00:00
debian
debian
[SECURITY] [DLA 559-1] ntp security update
2016-07-25 21:37:31
arista
arista
Security Advisory 0019
2018-04-25 00:00:00
osv
osv
ntp - security update
2016-07-25 00:00:00
ntp - security update
2016-07-25 00:00:00
Related for ALA_ALAS-2016-727.NASL