CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
99.8%
NTP was updated to version 4.2.8p8 to fix several security issues and to ensure the continued maintainability of the package.
These security issues were fixed :
CVE-2016-4953: Bad authentication demobilized ephemeral associations (bsc#982065).
CVE-2016-4954: Processing spoofed server packets (bsc#982066).
CVE-2016-4955: Autokey association reset (bsc#982067).
CVE-2016-4956: Broadcast interleave (bsc#982068).
CVE-2016-4957: CRYPTO_NAK crash (bsc#982064).
CVE-2016-1547: Validate crypto-NAKs to prevent ACRYPTO-NAK DoS (bsc#977459).
CVE-2016-1548: Prevent the change of time of an ntpd client or denying service to an ntpd client by forcing it to change from basic client/server mode to interleaved symmetric mode (bsc#977461).
CVE-2016-1549: Sybil vulnerability: ephemeral association attack (bsc#977451).
CVE-2016-1550: Improve security against buffer comparison timing attacks (bsc#977464).
CVE-2016-1551: Refclock impersonation vulnerability (bsc#977450)y
CVE-2016-2516: Duplicate IPs on unconfig directives could have caused an assertion botch in ntpd (bsc#977452).
CVE-2016-2517: Remote configuration trustedkey/ requestkey/controlkey values are not properly validated (bsc#977455).
CVE-2016-2518: Crafted addpeer with hmode > 7 causes array wraparound with MATCH_ASSOC (bsc#977457).
CVE-2016-2519: ctl_getitem() return value not always checked (bsc#977458).
CVE-2015-8158: Potential Infinite Loop in ntpq (bsc#962966).
CVE-2015-8138: Zero Origin Timestamp Bypass (bsc#963002).
CVE-2015-7979: Off-path Denial of Service (DoS) attack on authenticated broadcast mode (bsc#962784).
CVE-2015-7978: Stack exhaustion in recursive traversal of restriction list (bsc#963000).
CVE-2015-7977: reslist NULL pointer dereference (bsc#962970).
CVE-2015-7976: ntpq saveconfig command allowed dangerous characters in filenames (bsc#962802).
CVE-2015-7975: nextvar() missing length check (bsc#962988).
CVE-2015-7974: NTP did not verify peer associations of symmetric keys when authenticating packets, which might have allowed remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a ‘skeleton’ key (bsc#962960).
CVE-2015-7973: Replay attack on authenticated broadcast mode (bsc#962995).
CVE-2015-5300: MITM attacker can force ntpd to make a step larger than the panic threshold (bsc#951629).
CVE-2015-5194: Crash with crafted logconfig configuration command (bsc#943218).
CVE-2015-7871: NAK to the Future: Symmetric association authentication bypass via crypto-NAK (bsc#952611).
CVE-2015-7855: decodenetnum() will ASSERT botch instead of returning FAIL on some bogus values (bsc#952611).
CVE-2015-7854: Password Length Memory Corruption Vulnerability (bsc#952611).
CVE-2015-7853: Invalid length data provided by a custom refclock driver could cause a buffer overflow (bsc#952611).
CVE-2015-7852: ntpq atoascii() Memory Corruption Vulnerability (bsc#952611).
CVE-2015-7851: saveconfig Directory Traversal Vulnerability (bsc#952611).
CVE-2015-7850: Clients that receive a KoD now validate the origin timestamp field (bsc#952611).
CVE-2015-7849: Prevent use-after-free trusted key (bsc#952611).
CVE-2015-7848: Prevent mode 7 loop counter underrun (bsc#952611).
CVE-2015-7701: Slow memory leak in CRYPTO_ASSOC (bsc#952611).
CVE-2015-7703: Configuration directives ‘pidfile’ and ‘driftfile’ should only be allowed locally (bsc#943221).
CVE-2015-7704: Clients that receive a KoD should validate the origin timestamp field (bsc#952611).
CVE-2015-7705: Clients that receive a KoD should validate the origin timestamp field (bsc#952611).
CVE-2015-7691: Incomplete autokey data packet length checks (bsc#952611).
CVE-2015-7692: Incomplete autokey data packet length checks (bsc#952611).
CVE-2015-7702: Incomplete autokey data packet length checks (bsc#952611).
CVE-2015-1798: The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP required a correct MAC only if the MAC field has a nonzero length, which made it easier for man-in-the-middle attackers to spoof packets by omitting the MAC (bsc#924202).
CVE-2015-1799: The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP performed state-variable updates upon receiving certain invalid packets, which made it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer (bsc#924202).
The update package also includes non-security fixes. See advisory for details.
Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from SUSE update advisory SUSE-SU-2016:1912-1.
# The text itself is copyright (C) SUSE.
#
include('deprecated_nasl_level.inc');
include('compat.inc');
if (description)
{
script_id(93186);
script_version("2.19");
script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/06");
script_cve_id("CVE-2015-1798", "CVE-2015-1799", "CVE-2015-5194", "CVE-2015-5300", "CVE-2015-7691", "CVE-2015-7692", "CVE-2015-7701", "CVE-2015-7702", "CVE-2015-7703", "CVE-2015-7704", "CVE-2015-7705", "CVE-2015-7848", "CVE-2015-7849", "CVE-2015-7850", "CVE-2015-7851", "CVE-2015-7852", "CVE-2015-7853", "CVE-2015-7854", "CVE-2015-7855", "CVE-2015-7871", "CVE-2015-7973", "CVE-2015-7974", "CVE-2015-7975", "CVE-2015-7976", "CVE-2015-7977", "CVE-2015-7978", "CVE-2015-7979", "CVE-2015-8138", "CVE-2015-8158", "CVE-2016-1547", "CVE-2016-1548", "CVE-2016-1549", "CVE-2016-1550", "CVE-2016-1551", "CVE-2016-2516", "CVE-2016-2517", "CVE-2016-2518", "CVE-2016-2519", "CVE-2016-4953", "CVE-2016-4954", "CVE-2016-4955", "CVE-2016-4956", "CVE-2016-4957");
script_bugtraq_id(73950, 73951);
script_xref(name:"TRA", value:"TRA-2015-04");
script_name(english:"SUSE SLES10 Security Update : ntp (SUSE-SU-2016:1912-1)");
script_summary(english:"Checks rpm output for the updated packages.");
script_set_attribute(
attribute:"synopsis",
value:"The remote SUSE host is missing one or more security updates."
);
script_set_attribute(
attribute:"description",
value:
"NTP was updated to version 4.2.8p8 to fix several security issues and
to ensure the continued maintainability of the package.
These security issues were fixed :
CVE-2016-4953: Bad authentication demobilized ephemeral associations
(bsc#982065).
CVE-2016-4954: Processing spoofed server packets (bsc#982066).
CVE-2016-4955: Autokey association reset (bsc#982067).
CVE-2016-4956: Broadcast interleave (bsc#982068).
CVE-2016-4957: CRYPTO_NAK crash (bsc#982064).
CVE-2016-1547: Validate crypto-NAKs to prevent ACRYPTO-NAK DoS
(bsc#977459).
CVE-2016-1548: Prevent the change of time of an ntpd client or denying
service to an ntpd client by forcing it to change from basic
client/server mode to interleaved symmetric mode (bsc#977461).
CVE-2016-1549: Sybil vulnerability: ephemeral association attack
(bsc#977451).
CVE-2016-1550: Improve security against buffer comparison timing
attacks (bsc#977464).
CVE-2016-1551: Refclock impersonation vulnerability (bsc#977450)y
CVE-2016-2516: Duplicate IPs on unconfig directives could have caused
an assertion botch in ntpd (bsc#977452).
CVE-2016-2517: Remote configuration trustedkey/ requestkey/controlkey
values are not properly validated (bsc#977455).
CVE-2016-2518: Crafted addpeer with hmode > 7 causes array wraparound
with MATCH_ASSOC (bsc#977457).
CVE-2016-2519: ctl_getitem() return value not always checked
(bsc#977458).
CVE-2015-8158: Potential Infinite Loop in ntpq (bsc#962966).
CVE-2015-8138: Zero Origin Timestamp Bypass (bsc#963002).
CVE-2015-7979: Off-path Denial of Service (DoS) attack on
authenticated broadcast mode (bsc#962784).
CVE-2015-7978: Stack exhaustion in recursive traversal of restriction
list (bsc#963000).
CVE-2015-7977: reslist NULL pointer dereference (bsc#962970).
CVE-2015-7976: ntpq saveconfig command allowed dangerous characters in
filenames (bsc#962802).
CVE-2015-7975: nextvar() missing length check (bsc#962988).
CVE-2015-7974: NTP did not verify peer associations of symmetric keys
when authenticating packets, which might have allowed remote attackers
to conduct impersonation attacks via an arbitrary trusted key, aka a
'skeleton' key (bsc#962960).
CVE-2015-7973: Replay attack on authenticated broadcast mode
(bsc#962995).
CVE-2015-5300: MITM attacker can force ntpd to make a step larger than
the panic threshold (bsc#951629).
CVE-2015-5194: Crash with crafted logconfig configuration command
(bsc#943218).
CVE-2015-7871: NAK to the Future: Symmetric association authentication
bypass via crypto-NAK (bsc#952611).
CVE-2015-7855: decodenetnum() will ASSERT botch instead of returning
FAIL on some bogus values (bsc#952611).
CVE-2015-7854: Password Length Memory Corruption Vulnerability
(bsc#952611).
CVE-2015-7853: Invalid length data provided by a custom refclock
driver could cause a buffer overflow (bsc#952611).
CVE-2015-7852: ntpq atoascii() Memory Corruption Vulnerability
(bsc#952611).
CVE-2015-7851: saveconfig Directory Traversal Vulnerability
(bsc#952611).
CVE-2015-7850: Clients that receive a KoD now validate the origin
timestamp field (bsc#952611).
CVE-2015-7849: Prevent use-after-free trusted key (bsc#952611).
CVE-2015-7848: Prevent mode 7 loop counter underrun (bsc#952611).
CVE-2015-7701: Slow memory leak in CRYPTO_ASSOC (bsc#952611).
CVE-2015-7703: Configuration directives 'pidfile' and 'driftfile'
should only be allowed locally (bsc#943221).
CVE-2015-7704: Clients that receive a KoD should validate the origin
timestamp field (bsc#952611).
CVE-2015-7705: Clients that receive a KoD should validate the origin
timestamp field (bsc#952611).
CVE-2015-7691: Incomplete autokey data packet length checks
(bsc#952611).
CVE-2015-7692: Incomplete autokey data packet length checks
(bsc#952611).
CVE-2015-7702: Incomplete autokey data packet length checks
(bsc#952611).
CVE-2015-1798: The symmetric-key feature in the receive function in
ntp_proto.c in ntpd in NTP required a correct MAC only if the MAC
field has a nonzero length, which made it easier for man-in-the-middle
attackers to spoof packets by omitting the MAC (bsc#924202).
CVE-2015-1799: The symmetric-key feature in the receive function in
ntp_proto.c in ntpd in NTP performed state-variable updates upon
receiving certain invalid packets, which made it easier for
man-in-the-middle attackers to cause a denial of service
(synchronization loss) by spoofing the source IP address of a peer
(bsc#924202).
The update package also includes non-security fixes. See advisory for
details.
Note that Tenable Network Security has extracted the preceding
description block directly from the SUSE security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=782060"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=784760"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=905885"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=910063"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=916617"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=920183"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=920238"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=920893"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=920895"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=920905"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=924202"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=926510"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=936327"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=943218"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=943221"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=944300"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=951351"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=951559"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=951629"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=952611"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=957226"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=962318"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=962784"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=962802"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=962960"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=962966"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=962970"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=962988"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=962995"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=963000"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=963002"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=975496"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=977450"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=977451"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=977452"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=977455"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=977457"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=977458"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=977459"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=977461"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=977464"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=979302"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=981422"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=982056"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=982064"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=982065"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=982066"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=982067"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=982068"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=988417"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=988558"
);
script_set_attribute(
attribute:"see_also",
value:"https://bugzilla.suse.com/show_bug.cgi?id=988565"
);
# https://download.suse.com/patch/finder/?keywords=e7685b9a0cc48dfc1cea383e011b438b
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?802995db"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-1798/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-1799/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-5194/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-5300/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7691/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7692/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7701/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7702/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7703/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7704/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7705/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7848/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7849/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7850/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7851/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7852/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7853/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7854/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7855/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7871/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7973/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7974/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7975/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7976/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7977/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7978/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-7979/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-8138/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2015-8158/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-1547/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-1548/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-1549/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-1550/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-1551/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-2516/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-2517/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-2518/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-2519/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-4953/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-4954/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-4955/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-4956/"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.suse.com/security/cve/CVE-2016-4957/"
);
# https://www.suse.com/support/update/announcement/2016/suse-su-20161912-1/
script_set_attribute(
attribute:"see_also",
value:"http://www.nessus.org/u?8cdea8cd"
);
script_set_attribute(
attribute:"see_also",
value:"https://www.tenable.com/security/research/tra-2015-04"
);
script_set_attribute(attribute:"solution", value:"Update the affected ntp packages");
script_set_cvss_base_vector("CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P");
script_set_cvss_temporal_vector("CVSS2#E:POC/RL:OF/RC:C");
script_set_cvss3_base_vector("CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H");
script_set_cvss3_temporal_vector("CVSS:3.0/E:P/RL:O/RC:C");
script_set_attribute(attribute:"exploitability_ease", value:"Exploits are available");
script_set_attribute(attribute:"exploit_available", value:"true");
script_set_attribute(attribute:"plugin_type", value:"local");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ntp");
script_set_attribute(attribute:"cpe", value:"p-cpe:/a:novell:suse_linux:ntp-doc");
script_set_attribute(attribute:"cpe", value:"cpe:/o:novell:suse_linux:10");
script_set_attribute(attribute:"vuln_publication_date", value:"2015/04/08");
script_set_attribute(attribute:"patch_publication_date", value:"2016/07/29");
script_set_attribute(attribute:"plugin_publication_date", value:"2016/08/29");
script_set_attribute(attribute:"generated_plugin", value:"current");
script_end_attributes();
script_category(ACT_GATHER_INFO);
script_copyright(english:"This script is Copyright (C) 2016-2021 and is owned by Tenable, Inc. or an Affiliate thereof.");
script_family(english:"SuSE Local Security Checks");
script_dependencies("ssh_get_info.nasl");
script_require_keys("Host/local_checks_enabled", "Host/cpu", "Host/SuSE/release", "Host/SuSE/rpm-list");
exit(0);
}
include("audit.inc");
include("global_settings.inc");
include("rpm.inc");
if (!get_kb_item("Host/local_checks_enabled")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/SuSE/release");
if (isnull(release) || release !~ "^(SLED|SLES)") audit(AUDIT_OS_NOT, "SUSE");
os_ver = pregmatch(pattern: "^(SLE(S|D)\d+)", string:release);
if (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, "SUSE");
os_ver = os_ver[1];
if (! preg(pattern:"^(SLES10)$", string:os_ver)) audit(AUDIT_OS_NOT, "SUSE SLES10", "SUSE " + os_ver);
if (!get_kb_item("Host/SuSE/rpm-list")) audit(AUDIT_PACKAGE_LIST_MISSING);
cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if (cpu !~ "^i[3-6]86$" && "x86_64" >!< cpu && "s390x" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "SUSE " + os_ver, cpu);
sp = get_kb_item("Host/SuSE/patchlevel");
if (isnull(sp)) sp = "0";
if (os_ver == "SLES10" && (! preg(pattern:"^(4)$", string:sp))) audit(AUDIT_OS_NOT, "SLES10 SP4", os_ver + " SP" + sp);
flag = 0;
if (rpm_check(release:"SLES10", sp:"4", reference:"ntp-4.2.8p8-0.7.1")) flag++;
if (rpm_check(release:"SLES10", sp:"4", reference:"ntp-doc-4.2.8p8-0.7.1")) flag++;
if (flag)
{
if (report_verbosity > 0) security_hole(port:0, extra:rpm_report_get());
else security_hole(0);
exit(0);
}
else
{
tested = pkg_tests_get();
if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ntp");
}
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1798
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-1799
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5194
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5300
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7691
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7692
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7701
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7702
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7703
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7704
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7705
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7848
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7849
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7850
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7851
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7853
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7854
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7855
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7871
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7973
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7974
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7975
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7976
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7977
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7978
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7979
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8138
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8158
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1547
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1548
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1549
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1550
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1551
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2516
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2517
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2518
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2519
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4953
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4954
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4955
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4956
cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4957
www.nessus.org/u?802995db
www.nessus.org/u?8cdea8cd
bugzilla.suse.com/show_bug.cgi?id=782060
bugzilla.suse.com/show_bug.cgi?id=784760
bugzilla.suse.com/show_bug.cgi?id=905885
bugzilla.suse.com/show_bug.cgi?id=910063
bugzilla.suse.com/show_bug.cgi?id=916617
bugzilla.suse.com/show_bug.cgi?id=920183
bugzilla.suse.com/show_bug.cgi?id=920238
bugzilla.suse.com/show_bug.cgi?id=920893
bugzilla.suse.com/show_bug.cgi?id=920895
bugzilla.suse.com/show_bug.cgi?id=920905
bugzilla.suse.com/show_bug.cgi?id=924202
bugzilla.suse.com/show_bug.cgi?id=926510
bugzilla.suse.com/show_bug.cgi?id=936327
bugzilla.suse.com/show_bug.cgi?id=943218
bugzilla.suse.com/show_bug.cgi?id=943221
bugzilla.suse.com/show_bug.cgi?id=944300
bugzilla.suse.com/show_bug.cgi?id=951351
bugzilla.suse.com/show_bug.cgi?id=951559
bugzilla.suse.com/show_bug.cgi?id=951629
bugzilla.suse.com/show_bug.cgi?id=952611
bugzilla.suse.com/show_bug.cgi?id=957226
bugzilla.suse.com/show_bug.cgi?id=962318
bugzilla.suse.com/show_bug.cgi?id=962784
bugzilla.suse.com/show_bug.cgi?id=962802
bugzilla.suse.com/show_bug.cgi?id=962960
bugzilla.suse.com/show_bug.cgi?id=962966
bugzilla.suse.com/show_bug.cgi?id=962970
bugzilla.suse.com/show_bug.cgi?id=962988
bugzilla.suse.com/show_bug.cgi?id=962995
bugzilla.suse.com/show_bug.cgi?id=963000
bugzilla.suse.com/show_bug.cgi?id=963002
bugzilla.suse.com/show_bug.cgi?id=975496
bugzilla.suse.com/show_bug.cgi?id=977450
bugzilla.suse.com/show_bug.cgi?id=977451
bugzilla.suse.com/show_bug.cgi?id=977452
bugzilla.suse.com/show_bug.cgi?id=977455
bugzilla.suse.com/show_bug.cgi?id=977457
bugzilla.suse.com/show_bug.cgi?id=977458
bugzilla.suse.com/show_bug.cgi?id=977459
bugzilla.suse.com/show_bug.cgi?id=977461
bugzilla.suse.com/show_bug.cgi?id=977464
bugzilla.suse.com/show_bug.cgi?id=979302
bugzilla.suse.com/show_bug.cgi?id=981422
bugzilla.suse.com/show_bug.cgi?id=982056
bugzilla.suse.com/show_bug.cgi?id=982064
bugzilla.suse.com/show_bug.cgi?id=982065
bugzilla.suse.com/show_bug.cgi?id=982066
bugzilla.suse.com/show_bug.cgi?id=982067
bugzilla.suse.com/show_bug.cgi?id=982068
bugzilla.suse.com/show_bug.cgi?id=988417
bugzilla.suse.com/show_bug.cgi?id=988558
bugzilla.suse.com/show_bug.cgi?id=988565
www.suse.com/security/cve/CVE-2015-1798/
www.suse.com/security/cve/CVE-2015-1799/
www.suse.com/security/cve/CVE-2015-5194/
www.suse.com/security/cve/CVE-2015-5300/
www.suse.com/security/cve/CVE-2015-7691/
www.suse.com/security/cve/CVE-2015-7692/
www.suse.com/security/cve/CVE-2015-7701/
www.suse.com/security/cve/CVE-2015-7702/
www.suse.com/security/cve/CVE-2015-7703/
www.suse.com/security/cve/CVE-2015-7704/
www.suse.com/security/cve/CVE-2015-7705/
www.suse.com/security/cve/CVE-2015-7848/
www.suse.com/security/cve/CVE-2015-7849/
www.suse.com/security/cve/CVE-2015-7850/
www.suse.com/security/cve/CVE-2015-7851/
www.suse.com/security/cve/CVE-2015-7852/
www.suse.com/security/cve/CVE-2015-7853/
www.suse.com/security/cve/CVE-2015-7854/
www.suse.com/security/cve/CVE-2015-7855/
www.suse.com/security/cve/CVE-2015-7871/
www.suse.com/security/cve/CVE-2015-7973/
www.suse.com/security/cve/CVE-2015-7974/
www.suse.com/security/cve/CVE-2015-7975/
www.suse.com/security/cve/CVE-2015-7976/
www.suse.com/security/cve/CVE-2015-7977/
www.suse.com/security/cve/CVE-2015-7978/
www.suse.com/security/cve/CVE-2015-7979/
www.suse.com/security/cve/CVE-2015-8138/
www.suse.com/security/cve/CVE-2015-8158/
www.suse.com/security/cve/CVE-2016-1547/
www.suse.com/security/cve/CVE-2016-1548/
www.suse.com/security/cve/CVE-2016-1549/
www.suse.com/security/cve/CVE-2016-1550/
www.suse.com/security/cve/CVE-2016-1551/
www.suse.com/security/cve/CVE-2016-2516/
www.suse.com/security/cve/CVE-2016-2517/
www.suse.com/security/cve/CVE-2016-2518/
www.suse.com/security/cve/CVE-2016-2519/
www.suse.com/security/cve/CVE-2016-4953/
www.suse.com/security/cve/CVE-2016-4954/
www.suse.com/security/cve/CVE-2016-4955/
www.suse.com/security/cve/CVE-2016-4956/
www.suse.com/security/cve/CVE-2016-4957/
www.tenable.com/security/research/tra-2015-04
CVSS2
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
CVSS3
Attack Vector
NETWORK
Attack Complexity
LOW
Privileges Required
NONE
User Interaction
NONE
Scope
UNCHANGED
Confidentiality Impact
HIGH
Integrity Impact
HIGH
Availability Impact
HIGH
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H
EPSS
Percentile
99.8%