Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusThis script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.REDHAT-RHSA-2018-0855.NASL
HistoryApr 11, 2018 - 12:00 a.m.

RHEL 7 : ntp (RHSA-2018:0855)

2018-04-1100:00:00
This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
71
JSON

An update for ntp is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available for each vulnerability from the CVE link(s) in the References section.

The Network Time Protocol (NTP) is used to synchronize a computerโ€™s time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service.

Security Fix(es) :

  • ntp: Authenticated DoS via Malicious Config Option (CVE-2017-6463)

  • ntp: Denial of Service via Malformed Config (CVE-2017-6464)

  • ntp: Buffer Overflow in DPTS Clock (CVE-2017-6462)

For more details about the security issue(s), including the impact, a CVSS score, and other related information, refer to the CVE page(s) listed in the References section.

Red Hat would like to thank the NTP project for reporting these issues. Upstream acknowledges Cure53 as the original reporter of these issues.

Additional Changes :

For detailed information on changes in this release, see the Red Hat Enterprise Linux 7.5 Release Notes linked from the References section.

#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were  
# extracted from Red Hat Security Advisory RHSA-2018:0855. The text 
# itself is copyright (C) Red Hat, Inc.
#

include("compat.inc");

if (description)
{
  script_id(108989);
  script_version("1.7");
  script_cvs_date("Date: 2019/10/24 15:35:44");

  script_cve_id("CVE-2017-6462", "CVE-2017-6463", "CVE-2017-6464");
  script_xref(name:"RHSA", value:"2018:0855");

  script_name(english:"RHEL 7 : ntp (RHSA-2018:0855)");
  script_summary(english:"Checks the rpm output for the updated packages");

  script_set_attribute(
    attribute:"synopsis", 
    value:"The remote Red Hat host is missing one or more security updates."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"An update for ntp is now available for Red Hat Enterprise Linux 7.

Red Hat Product Security has rated this update as having a security
impact of Moderate. A Common Vulnerability Scoring System (CVSS) base
score, which gives a detailed severity rating, is available for each
vulnerability from the CVE link(s) in the References section.

The Network Time Protocol (NTP) is used to synchronize a computer's
time with another referenced time source. These packages include the
ntpd service which continuously adjusts system time and utilities used
to query and configure the ntpd service.

Security Fix(es) :

* ntp: Authenticated DoS via Malicious Config Option (CVE-2017-6463)

* ntp: Denial of Service via Malformed Config (CVE-2017-6464)

* ntp: Buffer Overflow in DPTS Clock (CVE-2017-6462)

For more details about the security issue(s), including the impact, a
CVSS score, and other related information, refer to the CVE page(s)
listed in the References section.

Red Hat would like to thank the NTP project for reporting these
issues. Upstream acknowledges Cure53 as the original reporter of these
issues.

Additional Changes :

For detailed information on changes in this release, see the Red Hat
Enterprise Linux 7.5 Release Notes linked from the References section."
  );
  # https://access.redhat.com/documentation/en-US/red_hat_enterprise_linux/7/
  script_set_attribute(
    attribute:"see_also",
    value:"http://www.nessus.org/u?dde41582"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/errata/RHSA-2018:0855"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2017-6462"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2017-6463"
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://access.redhat.com/security/cve/cve-2017-6464"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:L/AC:L/Au:N/C:P/I:P/A:P");
  script_set_cvss3_base_vector("CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H");

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ntp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ntp-debuginfo");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ntp-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ntp-perl");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:ntpdate");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:redhat:enterprise_linux:sntp");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.6");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:redhat:enterprise_linux:7.7");

  script_set_attribute(attribute:"vuln_publication_date", value:"2017/03/27");
  script_set_attribute(attribute:"patch_publication_date", value:"2018/04/10");
  script_set_attribute(attribute:"plugin_publication_date", value:"2018/04/11");
  script_set_attribute(attribute:"generated_plugin", value:"current");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"This script is Copyright (C) 2018-2019 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Red Hat Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/local_checks_enabled", "Host/RedHat/release", "Host/RedHat/rpm-list", "Host/cpu");

  exit(0);
}


include("audit.inc");
include("global_settings.inc");
include("misc_func.inc");
include("rpm.inc");

if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/RedHat/release");
if (isnull(release) || "Red Hat" >!< release) audit(AUDIT_OS_NOT, "Red Hat");
os_ver = pregmatch(pattern: "Red Hat Enterprise Linux.*release ([0-9]+(\.[0-9]+)?)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "Red Hat");
os_ver = os_ver[1];
if (! preg(pattern:"^7([^0-9]|$)", string:os_ver)) audit(AUDIT_OS_NOT, "Red Hat 7.x", "Red Hat " + os_ver);

if (!get_kb_item("Host/RedHat/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$" && "s390" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Red Hat", cpu);

yum_updateinfo = get_kb_item("Host/RedHat/yum-updateinfo");
if (!empty_or_null(yum_updateinfo)) 
{
  rhsa = "RHSA-2018:0855";
  yum_report = redhat_generate_yum_updateinfo_report(rhsa:rhsa);
  if (!empty_or_null(yum_report))
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : yum_report 
    );
    exit(0);
  }
  else
  {
    audit_message = "affected by Red Hat security advisory " + rhsa;
    audit(AUDIT_OS_NOT, audit_message);
  }
}
else
{
  flag = 0;
  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"ntp-4.2.6p5-28.el7")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"ntp-4.2.6p5-28.el7")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"ntp-debuginfo-4.2.6p5-28.el7")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"ntp-debuginfo-4.2.6p5-28.el7")) flag++;

  if (rpm_check(release:"RHEL7", reference:"ntp-doc-4.2.6p5-28.el7")) flag++;

  if (rpm_check(release:"RHEL7", reference:"ntp-perl-4.2.6p5-28.el7")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"ntpdate-4.2.6p5-28.el7")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"ntpdate-4.2.6p5-28.el7")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"s390x", reference:"sntp-4.2.6p5-28.el7")) flag++;

  if (rpm_check(release:"RHEL7", cpu:"x86_64", reference:"sntp-4.2.6p5-28.el7")) flag++;


  if (flag)
  {
    security_report_v4(
      port       : 0,
      severity   : SECURITY_WARNING,
      extra      : rpm_report_get() + redhat_report_package_caveat()
    );
    exit(0);
  }
  else
  {
    tested = pkg_tests_get();
    if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
    else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ntp / ntp-debuginfo / ntp-doc / ntp-perl / ntpdate / sntp");
  }
}
VendorProductVersionCPE
redhatenterprise_linuxntpp-cpe:/a:redhat:enterprise_linux:ntp
redhatenterprise_linuxntp-debuginfop-cpe:/a:redhat:enterprise_linux:ntp-debuginfo
redhatenterprise_linuxntp-docp-cpe:/a:redhat:enterprise_linux:ntp-doc
redhatenterprise_linuxntp-perlp-cpe:/a:redhat:enterprise_linux:ntp-perl
redhatenterprise_linuxntpdatep-cpe:/a:redhat:enterprise_linux:ntpdate
redhatenterprise_linuxsntpp-cpe:/a:redhat:enterprise_linux:sntp
redhatenterprise_linux7cpe:/o:redhat:enterprise_linux:7
redhatenterprise_linux7.6cpe:/o:redhat:enterprise_linux:7.6
redhatenterprise_linux7.7cpe:/o:redhat:enterprise_linux:7.7

Related

nessus 39
ibm 14
redhat 2
openvas 11
centos 2
freebsd 1
freebsd_advisory 1
amazon 2
fedora 3
mageia 1
oraclelinux 3
aix 1
checkpoint_advisories 1
veracode 3
ubuntucve 3
debiancve 3
prion 3
cve 3
redhatcve 3
f5 3
slackware 1
symantec 1
ubuntu 2
cloudfoundry 1
apple 2
nessus
nessus
Virtuozzo 6 : ntp / ntp-doc / ntp-perl / ntpdate (VZLSA-2017-3071)
2018-11-27 00:00:00
NewStart CGSL MAIN 4.05 : ntp Multiple Vulnerabilities (NS-SA-2019-0127)
2019-08-12 00:00:00
NewStart CGSL CORE 5.04 / MAIN 5.04 : ntp Multiple Vulnerabilities (NS-SA-2019-0029)
2019-08-12 00:00:00
ibm
ibm
Security Bulletin: A security vulnerability has been identified in Red Hatยฎ Enterprise Linux (RHEL) Server shipped with PurePower Integrated Manager (PPIM) (CVE-2017-6462 CVE-2017-6463 CVE-2017-6464)
2018-06-18 01:36:03
Security Bulletin: Vulnerabilities in NTP affect PowerKVM
2018-07-06 23:57:31
Security Bulletin: Multiple vulnerabilities in OpenSource NTP affects IBM Netezza Host Management
2019-10-18 03:10:29
redhat
redhat
(RHSA-2018:0855) Moderate: ntp security, bug fix, and enhancement update
2018-04-10 05:02:34
(RHSA-2017:3071) Moderate: ntp security update
2017-10-26 06:19:03
openvas
openvas
RedHat Update for ntp RHSA-2017:3071-01
2017-10-27 00:00:00
CentOS Update for ntp CESA-2017:3071 centos6
2017-10-27 00:00:00
Fedora Update for ntp FEDORA-2017-5ebac1c112
2017-03-29 00:00:00
centos
centos
ntp, ntpdate, sntp security update
2018-04-26 17:47:34
ntp, ntpdate security update
2017-10-26 11:47:10
freebsd
freebsd
FreeBSD -- Multiple vulnerabilities of ntp
2017-04-12 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-17:03.ntp
2017-04-12 00:00:00
amazon
amazon
Medium: ntp
2017-04-20 05:54:00
Medium: ntp
2018-05-10 17:11:00
fedora
fedora
[SECURITY] Fedora 24 Update: ntp-4.2.6p5-44.fc24
2017-04-18 16:49:59
[SECURITY] Fedora 25 Update: ntp-4.2.6p5-44.fc25
2017-03-29 01:35:03
[SECURITY] Fedora 26 Update: ntp-4.2.8p10-1.fc26
2017-04-01 18:10:49
mageia
mageia
Updated ntp packages fix security vulnerability
2017-05-09 09:35:29
oraclelinux
oraclelinux
ntp security update
2018-12-19 00:00:00
ntp security, bug fix, and enhancement update
2018-04-16 00:00:00
ntp security update
2017-10-26 00:00:00
aix
aix
There are multiple vulnerabilities in NTPv3 and NTPv4 that impact AIX,There are multiple vulnerabilities in NTPv3 and NTPv4 that impact AIX.,There are multiple vulnerabilities in NTPv3 and NTPv4 that impact VIOS
2017-07-06 14:53:51
checkpoint_advisories
checkpoint_advisories
Network Time Protocol Daemon peer xmit mode Denial of Service (CVE-2017-6464)
2017-05-11 00:00:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 06:37:19
Denial Of Service (DoS)
2019-01-15 09:19:43
Denial Of Service (DoS)
2019-05-02 06:37:19
ubuntucve
ubuntucve
CVE-2017-6464
2017-03-27 00:00:00
CVE-2017-6463
2017-03-27 00:00:00
CVE-2017-6462
2017-03-27 00:00:00
debiancve
debiancve
CVE-2017-6464
2017-03-27 17:59:00
CVE-2017-6462
2017-03-27 17:59:00
CVE-2017-6463
2017-03-27 17:59:00
prion
prion
Design/Logic Flaw
2017-03-27 17:59:00
Buffer overflow
2017-03-27 17:59:00
Design/Logic Flaw
2017-03-27 17:59:00
cve
cve
CVE-2017-6464
2017-03-27 17:59:00
CVE-2017-6462
2017-03-27 17:59:00
CVE-2017-6463
2017-03-27 17:59:00
redhatcve
redhatcve
CVE-2017-6464
2017-03-22 02:18:10
CVE-2017-6462
2017-03-22 02:18:33
CVE-2017-6463
2017-03-22 02:18:27
f5
f5
K96670746 : NTP vulnerability CVE-2017-6464
2017-05-09 00:00:00
K07082049 : NTP vulnerability CVE-2017-6462
2017-05-08 00:00:00
K02951273 : NTP vulnerability CVE-2017-6463
2017-05-16 00:00:00
slackware
slackware
[slackware-security] ntp
2017-04-22 16:42:41
symantec
symantec
SA147 : March 2017 NTP Security Vulnerabilities
2017-04-13 08:00:00
ubuntu
ubuntu
NTP vulnerabilities
2019-01-23 00:00:00
NTP vulnerabilities
2017-07-05 00:00:00
cloudfoundry
cloudfoundry
USN-3349-1: NTP vulnerabilities | Cloud Foundry
2017-08-04 00:00:00
apple
apple
About the security content of macOS High Sierra 10.13
2017-09-25 00:00:00
About the security content of macOS High Sierra 10.13 - Apple Support
2020-02-06 07:51:09
JSON
Related for REDHAT-RHSA-2018-0855.NASL
nessus39ibm14redhat2openvas11centos2freebsd1freebsd_advisory1amazon2fedora3mageia1oraclelinux3aix1checkpoint_advisories1veracode3ubuntucve3debiancve3prion3cve3redhatcve3f53slackware1symantec1ubuntu2cloudfoundry1apple2