{"id": "UBUNTU_USN-4563-1.NASL", "bulletinFamily": "scanner", "title": "Ubuntu 18.04 LTS : NTP vulnerability (USN-4563-1)", "description": "The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the\nUSN-4563-1 advisory.\n\n - NTP through 4.2.8p12 has a NULL Pointer Dereference. (CVE-2019-8936)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.", "published": "2020-10-02T00:00:00", "modified": "2020-10-02T00:00:00", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "href": "https://www.tenable.com/plugins/nessus/141110", "reporter": "Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.", "references": ["https://ubuntu.com/security/notices/USN-4563-1"], "cvelist": ["CVE-2019-8936"], "type": "nessus", "lastseen": "2020-11-25T15:14:35", "edition": 2, "viewCount": 7, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2019-8936"]}, {"type": "f5", "idList": ["F5:K61363039"]}, {"type": "fedora", "idList": ["FEDORA:B6F06606E5A6", "FEDORA:28E0D60491B0", "FEDORA:118CD6075D9F"]}, {"type": "slackware", "idList": ["SSA-2019-067-01"]}, {"type": "openvas", "idList": ["OPENVAS:1361412562311220191878", "OPENVAS:1361412562310875924", "OPENVAS:1361412562311220201457", "OPENVAS:1361412562311220191769", "OPENVAS:1361412562311220191860", "OPENVAS:1361412562311220191356", "OPENVAS:1361412562310852406", "OPENVAS:1361412562310875556", "OPENVAS:1361412562311220191938", "OPENVAS:1361412562310852390"]}, {"type": "nessus", "idList": ["ALA_ALAS-2019-1206.NASL", "PHOTONOS_PHSA-2019-3_0-0024_NTP.NASL", "EULEROS_SA-2019-1356.NASL", "EULEROS_SA-2019-1938.NASL", "SUSE_SU-2019-0775-1.NASL", "OPENSUSE-2019-1143.NASL", "SUSE_SU-2019-0777-1.NASL", "EULEROS_SA-2019-1769.NASL", "SUSE_SU-2019-13991-1.NASL", "OPENSUSE-2019-1158.NASL"]}, {"type": "amazon", "idList": ["ALAS-2019-1206"]}, {"type": "suse", "idList": ["OPENSUSE-SU-2019:1143-1", "OPENSUSE-SU-2019:1158-1"]}, {"type": "freebsd", "idList": ["C2576E14-36E2-11E9-9EDA-206A8A720317"]}, {"type": "aix", "idList": ["NTP_ADVISORY12.ASC"]}, {"type": "ubuntu", "idList": ["USN-4563-1"]}, {"type": "gentoo", "idList": ["GLSA-201903-15"]}], "modified": "2020-11-25T15:14:35", "rev": 2}, "score": {"value": 5.9, "vector": "NONE", "modified": "2020-11-25T15:14:35", "rev": 2}, "vulnersScore": 5.9}, "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Ubuntu Security Notice USN-4563-1. The text\n# itself is copyright (C) Canonical, Inc. See\n# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered\n# trademark of Canonical, Inc.\n#\n\ninclude('compat.inc');\n\nif (description)\n{\n script_id(141110);\n script_version(\"1.2\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/11/24\");\n\n script_cve_id(\"CVE-2019-8936\");\n script_bugtraq_id(107337);\n script_xref(name:\"USN\", value:\"4563-1\");\n\n script_name(english:\"Ubuntu 18.04 LTS : NTP vulnerability (USN-4563-1)\");\n script_summary(english:\"Checks the dpkg output for the updated packages\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote Ubuntu host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"The remote Ubuntu 18.04 LTS host has packages installed that are affected by a vulnerability as referenced in the\nUSN-4563-1 advisory.\n\n - NTP through 4.2.8p12 has a NULL Pointer Dereference. (CVE-2019-8936)\n\nNote that Nessus has not tested for this issue but has instead relied only on the application's self-reported version\nnumber.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://ubuntu.com/security/notices/USN-4563-1\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ntp, ntpdate and / or sntp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8936\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2020/10/01\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2020/10/02\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:canonical:ubuntu_linux:18.04:-:lts\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:ntpdate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:canonical:ubuntu_linux:sntp\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Ubuntu Local Security Checks\");\n\n script_copyright(english:\"Ubuntu Security Notice (C) 2020 Canonical, Inc. / NASL script (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/cpu\", \"Host/Ubuntu\", \"Host/Ubuntu/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\ninclude('audit.inc');\ninclude('ubuntu.inc');\ninclude('misc_func.inc');\n\nif ( ! get_kb_item('Host/local_checks_enabled') ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item('Host/Ubuntu/release');\nif ( isnull(release) ) audit(AUDIT_OS_NOT, 'Ubuntu');\nrelease = chomp(release);\nif (! preg(pattern:\"^(18\\.04)$\", string:release)) audit(AUDIT_OS_NOT, 'Ubuntu 18.04', 'Ubuntu ' + release);\nif ( ! get_kb_item('Host/Debian/dpkg-l') ) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item('Host/cpu');\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif ('x86_64' >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, 'Ubuntu', cpu);\n\n\npkgs = [\n {'osver': '18.04', 'pkgname': 'ntp', 'pkgver': '1:4.2.8p10+dfsg-5ubuntu7.3'},\n {'osver': '18.04', 'pkgname': 'ntpdate', 'pkgver': '1:4.2.8p10+dfsg-5ubuntu7.3'},\n {'osver': '18.04', 'pkgname': 'sntp', 'pkgver': '1:4.2.8p10+dfsg-5ubuntu7.3'}\n];\n\nflag = 0;\nforeach package_array ( pkgs ) {\n osver = NULL;\n pkgname = NULL;\n pkgver = NULL;\n if (!empty_or_null(package_array['osver'])) osver = package_array['osver'];\n if (!empty_or_null(package_array['pkgname'])) pkgname = package_array['pkgname'];\n if (!empty_or_null(package_array['pkgver'])) pkgver = package_array['pkgver'];\n if (osver && pkgname && pkgver) {\n if (ubuntu_check(osver:osver, pkgname:pkgname, pkgver:pkgver)) flag++;\n }\n}\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : ubuntu_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = ubuntu_pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, 'ntp / ntpdate / sntp');\n}", "naslFamily": "Ubuntu Local Security Checks", "pluginID": "141110", "cpe": ["p-cpe:/a:canonical:ubuntu_linux:ntp", "cpe:/o:canonical:ubuntu_linux:18.04:-:lts", "p-cpe:/a:canonical:ubuntu_linux:sntp", "p-cpe:/a:canonical:ubuntu_linux:ntpdate"], "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "scheme": null}

{"cve": [{"lastseen": "2020-12-09T21:41:58", "description": "NTP through 4.2.8p12 has a NULL Pointer Dereference.", "edition": 13, "cvss3": {"exploitabilityScore": 3.9, "cvssV3": {"baseSeverity": "HIGH", "confidentialityImpact": "NONE", "attackComplexity": "LOW", "scope": "UNCHANGED", "attackVector": "NETWORK", "availabilityImpact": "HIGH", "integrityImpact": "NONE", "baseScore": 7.5, "privilegesRequired": "NONE", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "userInteraction": "NONE", "version": "3.1"}, "impactScore": 3.6}, "published": "2019-05-15T16:29:00", "title": "CVE-2019-8936", "type": "cve", "cwe": ["CWE-476"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 10.0, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "LOW", "confidentialityImpact": "NONE", "availabilityImpact": "PARTIAL", "integrityImpact": "NONE", "baseScore": 5.0, "vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "acInsufInfo": false, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2019-8936"], "modified": "2020-10-07T16:15:00", "cpe": ["cpe:/o:netapp:data_ontap:-", "cpe:/o:opensuse:leap:15.0", "cpe:/o:fedoraproject:fedora:29", "cpe:/o:fedoraproject:fedora:30", "cpe:/o:opensuse:leap:42.3", "cpe:/a:ntp:ntp:4.2.8", "cpe:/o:fedoraproject:fedora:28"], "id": "CVE-2019-8936", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2019-8936", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}, "cpe23": ["cpe:2.3:o:opensuse:leap:42.3:*:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p8:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p4:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:29:*:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p11:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p10:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:30:*:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p5:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p7:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*", "cpe:2.3:o:opensuse:leap:15.0:*:*:*:*:*:*:*", "cpe:2.3:o:fedoraproject:fedora:28:*:*:*:*:*:*:*", "cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:7-mode:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p9:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p12:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*", "cpe:2.3:a:ntp:ntp:4.2.8:p6:*:*:*:*:*:*"]}], "f5": [{"lastseen": "2020-04-06T22:40:20", "bulletinFamily": "software", "cvelist": ["CVE-2019-8936"], "description": "\nF5 Product Development has evaluated the currently supported releases for potential vulnerability, and no F5 products were found to be vulnerable.\n\nNone\n\n * [K51812227: Understanding Security Advisory versioning](<https://support.f5.com/csp/article/K51812227>)\n * [K41942608: Overview of AskF5 Security Advisory articles](<https://support.f5.com/csp/article/K41942608>)\n * [K4602: Overview of the F5 security vulnerability response policy](<https://support.f5.com/csp/article/K4602>)\n * [K9970: Subscribing to email notifications regarding F5 products](<https://support.f5.com/csp/article/K9970>)\n * [K9957: Creating a custom RSS feed to view new and updated documents](<https://support.f5.com/csp/article/K9957>)\n", "edition": 1, "modified": "2019-05-31T19:29:00", "published": "2019-05-31T19:29:00", "id": "F5:K61363039", "href": "https://support.f5.com/csp/article/K61363039", "title": "NTP vulnerability CVE-2019-8936", "type": "f5", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "fedora": [{"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2019-8936"], "description": "The Network Time Protocol (NTP) is used to synchronize a computer's time with another reference time source. This package includes ntpd (a daemon which continuously adjusts system time) and utilities used to query and configure the ntpd daemon. Perl scripts are in the ntp-perl package, ntpdate is in the ntpdate package and sntp is in the sntp package. The documentation in HTML format is in the ntp-doc package. ", "modified": "2019-04-07T00:01:35", "published": "2019-04-07T00:01:35", "id": "FEDORA:28E0D60491B0", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 30 Update: ntp-4.2.8p13-1.fc30", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2019-8936"], "description": "The Network Time Protocol (NTP) is used to synchronize a computer's time with another reference time source. This package includes ntpd (a daemon which continuously adjusts system time) and utilities used to query and configure the ntpd daemon. Perl scripts are in the ntp-perl package, ntpdate is in the ntpdate package and sntp is in the sntp package. The documentation in HTML format is in the ntp-doc package. ", "modified": "2019-04-07T04:19:56", "published": "2019-04-07T04:19:56", "id": "FEDORA:118CD6075D9F", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 29 Update: ntp-4.2.8p13-1.fc29", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-12-21T08:17:55", "bulletinFamily": "unix", "cvelist": ["CVE-2018-12327", "CVE-2018-7170", "CVE-2019-8936"], "description": "The Network Time Protocol (NTP) is used to synchronize a computer's time with another reference time source. This package includes ntpd (a daemon which continuously adjusts system time) and utilities used to query and configure the ntpd daemon. Perl scripts are in the ntp-perl package, ntpdate is in the ntpdate package and sntp is in the sntp package. The documentation in HTML format is in the ntp-doc package. ", "modified": "2019-04-07T01:47:38", "published": "2019-04-07T01:47:38", "id": "FEDORA:B6F06606E5A6", "href": "", "type": "fedora", "title": "[SECURITY] Fedora 28 Update: ntp-4.2.8p13-1.fc28", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "slackware": [{"lastseen": "2020-10-25T16:36:16", "bulletinFamily": "unix", "cvelist": ["CVE-2019-8936"], "description": "New ntp packages are available for Slackware 14.0, 14.1, 14.2, and -current to\nfix a security issue.\n\n\nHere are the details from the Slackware 14.2 ChangeLog:\n\npatches/packages/ntp-4.2.8p13-i586-1_slack14.2.txz: Upgraded.\n This release fixes a bug that allows an attacker with access to an explicitly\n trusted source to send a crafted malicious mode 6 (ntpq) packet that can\n trigger a NULL pointer dereference, crashing ntpd.\n It also provides 17 other bugfixes and 1 other improvement.\n For more information, see:\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8936\n (* Security fix *)\n\nWhere to find the new packages:\n\nThanks to the friendly folks at the OSU Open Source Lab\n(http://osuosl.org) for donating FTP and rsync hosting\nto the Slackware project! :-)\n\nAlso see the \"Get Slack\" section on http://slackware.com for\nadditional mirror sites near you.\n\nUpdated package for Slackware 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ntp-4.2.8p13-i486-1_slack14.0.txz\n\nUpdated package for Slackware x86_64 14.0:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ntp-4.2.8p13-x86_64-1_slack14.0.txz\n\nUpdated package for Slackware 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/ntp-4.2.8p13-i486-1_slack14.1.txz\n\nUpdated package for Slackware x86_64 14.1:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/ntp-4.2.8p13-x86_64-1_slack14.1.txz\n\nUpdated package for Slackware 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/ntp-4.2.8p13-i586-1_slack14.2.txz\n\nUpdated package for Slackware x86_64 14.2:\nftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/ntp-4.2.8p13-x86_64-1_slack14.2.txz\n\nUpdated package for Slackware -current:\nftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/ntp-4.2.8p13-i586-1.txz\n\nUpdated package for Slackware x86_64 -current:\nftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/ntp-4.2.8p13-x86_64-1.txz\n\n\nMD5 signatures:\n\nSlackware 14.0 package:\n5f793a49c125f84588f35f3188bc66a5 ntp-4.2.8p13-i486-1_slack14.0.txz\n\nSlackware x86_64 14.0 package:\n7e267fa9417e49dc12419be62dde2fbe ntp-4.2.8p13-x86_64-1_slack14.0.txz\n\nSlackware 14.1 package:\nad9f93989093f0e000a4f412cee01104 ntp-4.2.8p13-i486-1_slack14.1.txz\n\nSlackware x86_64 14.1 package:\n57959b70be4e6aa471ccff83d25ba172 ntp-4.2.8p13-x86_64-1_slack14.1.txz\n\nSlackware 14.2 package:\na88168ed545465b2ec789127c83d70be ntp-4.2.8p13-i586-1_slack14.2.txz\n\nSlackware x86_64 14.2 package:\n7756b9440efee21ff1f61b94beaafa66 ntp-4.2.8p13-x86_64-1_slack14.2.txz\n\nSlackware -current package:\na6498ca0614e59cfc456077ffd4cdf16 n/ntp-4.2.8p13-i586-1.txz\n\nSlackware x86_64 -current package:\nc028aff712c76be79c4a85b05884f988 n/ntp-4.2.8p13-x86_64-1.txz\n\n\nInstallation instructions:\n\nUpgrade the package as root:\n > upgradepkg ntp-4.2.8p13-i586-1_slack14.2.txz\n\nThen, restart the NTP daemon:\n\n > sh /etc/rc.d/rc.ntpd restart", "modified": "2019-03-08T19:15:33", "published": "2019-03-08T19:15:33", "id": "SSA-2019-067-01", "href": "http://www.slackware.com/security/viewer.php?l=slackware-security&y=2019&m=slackware-security.435412", "type": "slackware", "title": "[slackware-security] ntp", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "openvas": [{"lastseen": "2020-01-31T16:53:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-04-05T00:00:00", "id": "OPENVAS:1361412562310852390", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852390", "type": "openvas", "title": "openSUSE: Security Advisory for ntp (openSUSE-SU-2019:1143-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852390\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-8936\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-04-05 02:00:34 +0000 (Fri, 05 Apr 2019)\");\n script_name(\"openSUSE: Security Advisory for ntp (openSUSE-SU-2019:1143-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap15\\.0\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1143-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-04/msg00032.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ntp'\n package(s) announced via the openSUSE-SU-2019:1143-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for ntp fixes the following issues:\n\n Security issue fixed:\n\n - CVE-2019-8936: Fixed a null pointer exception which could allow an\n authenticated attcker to cause segmentation fault to ntpd (bsc#1128525).\n\n Other issues addressed:\n\n - Fixed several bugs in the BANCOMM reclock driver.\n\n - Fixed ntp_loopfilter.c snprintf compilation warnings.\n\n - Fixed spurious initgroups() error message.\n\n - Fixed STA_NANO struct timex units.\n\n - Fixed GPS week rollover in libparse.\n\n - Fixed incorrect poll interval in packet.\n\n - Added a missing check for ENABLE_CMAC.\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 15.0:\n\n zypper in -t patch openSUSE-2019-1143=1\");\n\n script_tag(name:\"affected\", value:\"'ntp' package(s) on openSUSE Leap 15.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap15.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ntp\", rpm:\"ntp~4.2.8p13~lp150.8.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ntp-debuginfo\", rpm:\"ntp-debuginfo~4.2.8p13~lp150.8.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ntp-debugsource\", rpm:\"ntp-debugsource~4.2.8p13~lp150.8.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ntp-doc\", rpm:\"ntp-doc~4.2.8p13~lp150.8.1\", rls:\"openSUSELeap15.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:36:09", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191938", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191938", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1938)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1938\");\n script_version(\"2020-01-23T12:27:39+0000\");\n script_cve_id(\"CVE-2019-8936\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:27:39 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:27:39 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1938)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRTARM64-3\\.0\\.2\\.0\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1938\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1938\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ntp' package(s) announced via the EulerOS-SA-2019-1938 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936)\");\n\n script_tag(name:\"affected\", value:\"'ntp' package(s) on Huawei EulerOS Virtualization for ARM 64 3.0.2.0.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRTARM64-3.0.2.0\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ntp\", rpm:\"ntp~4.2.6p5~28.h9\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ntpdate\", rpm:\"ntpdate~4.2.6p5~28.h9\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sntp\", rpm:\"sntp~4.2.6p5~28.h9\", rls:\"EULEROSVIRTARM64-3.0.2.0\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:34:22", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191860", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191860", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1860)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1860\");\n script_version(\"2020-01-23T12:24:57+0000\");\n script_cve_id(\"CVE-2019-8936\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:24:57 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:24:57 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1860)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1860\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1860\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ntp' package(s) announced via the EulerOS-SA-2019-1860 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936)\");\n\n script_tag(name:\"affected\", value:\"'ntp' package(s) on Huawei EulerOS V2.0SP2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ntp\", rpm:\"ntp~4.2.6p5~25.1.h18\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ntpdate\", rpm:\"ntpdate~4.2.6p5~25.1.h18\", rls:\"EULEROS-2.0SP2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:38:51", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191769", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191769", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1769)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1769\");\n script_version(\"2020-01-23T12:21:57+0000\");\n script_cve_id(\"CVE-2019-8936\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:21:57 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:21:57 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1769)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP8\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1769\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1769\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ntp' package(s) announced via the EulerOS-SA-2019-1769 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936)\");\n\n script_tag(name:\"affected\", value:\"'ntp' package(s) on Huawei EulerOS V2.0SP8.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP8\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ntp\", rpm:\"ntp~4.2.8p12~1.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ntpdate\", rpm:\"ntpdate~4.2.8p12~1.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sntp\", rpm:\"sntp~4.2.8p12~1.h3.eulerosv2r8\", rls:\"EULEROS-2.0SP8\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-31T16:53:47", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936"], "description": "The remote host is missing an update for the ", "modified": "2020-01-31T00:00:00", "published": "2019-04-06T00:00:00", "id": "OPENVAS:1361412562310852406", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310852406", "type": "openvas", "title": "openSUSE: Security Advisory for ntp (openSUSE-SU-2019:1158-1)", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.852406\");\n script_version(\"2020-01-31T08:04:39+0000\");\n script_cve_id(\"CVE-2019-8936\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-31 08:04:39 +0000 (Fri, 31 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2019-04-06 02:01:19 +0000 (Sat, 06 Apr 2019)\");\n script_name(\"openSUSE: Security Advisory for ntp (openSUSE-SU-2019:1158-1)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"SuSE Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/suse\", \"ssh/login/rpms\", re:\"ssh/login/release=openSUSELeap42\\.3\");\n\n script_xref(name:\"openSUSE-SU\", value:\"2019:1158-1\");\n script_xref(name:\"URL\", value:\"https://lists.opensuse.org/opensuse-security-announce/2019-04/msg00036.html\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ntp'\n package(s) announced via the openSUSE-SU-2019:1158-1 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"This update for ntp fixes the following issues:\n\n Security issue fixed:\n\n - CVE-2019-8936: Fixed a null pointer exception which could allow an\n authenticated attcker to cause segmentation fault to ntpd (bsc#1128525).\n\n Other isses addressed:\n\n - Fixed an issue which caused openSSL mismatch (bsc#1125401)\n\n - Fixed several bugs in the BANCOMM reclock driver.\n\n - Fixed ntp_loopfilter.c snprintf compilation warnings.\n\n - Fixed spurious initgroups() error message.\n\n - Fixed STA_NANO struct timex units.\n\n - Fixed GPS week rollover in libparse.\n\n - Fixed incorrect poll interval in packet.\n\n - Added a missing check for ENABLE_CMAC.\n\n This update was imported from the SUSE:SLE-12-SP1:Update update project.\n\n Patch Instructions:\n\n To install this openSUSE Security Update use the SUSE recommended\n installation methods\n like YaST online_update or 'zypper patch'.\n\n Alternatively you can run the command listed for your product:\n\n - openSUSE Leap 42.3:\n\n zypper in -t patch openSUSE-2019-1158=1\");\n\n script_tag(name:\"affected\", value:\"'ntp' package(s) on openSUSE Leap 42.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"openSUSELeap42.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ntp\", rpm:\"ntp~4.2.8p13~31.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ntp-debuginfo\", rpm:\"ntp-debuginfo~4.2.8p13~31.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ntp-debugsource\", rpm:\"ntp-debugsource~4.2.8p13~31.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ntp-doc\", rpm:\"ntp-doc~4.2.8p13~31.9.1\", rls:\"openSUSELeap42.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if(__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:33:53", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191878", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191878", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1878)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1878\");\n script_version(\"2020-01-23T12:25:40+0000\");\n script_cve_id(\"CVE-2019-8936\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 12:25:40 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 12:25:40 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1878)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROS-2\\.0SP5\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1878\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1878\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ntp' package(s) announced via the EulerOS-SA-2019-1878 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936)\");\n\n script_tag(name:\"affected\", value:\"'ntp' package(s) on Huawei EulerOS V2.0SP5.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROS-2.0SP5\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ntp\", rpm:\"ntp~4.2.6p5~28.h9.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ntpdate\", rpm:\"ntpdate~4.2.6p5~28.h9.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sntp\", rpm:\"sntp~4.2.6p5~28.h9.eulerosv2r7\", rls:\"EULEROS-2.0SP5\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-01-27T18:41:25", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-01-23T00:00:00", "published": "2020-01-23T00:00:00", "id": "OPENVAS:1361412562311220191356", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220191356", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1356)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2019.1356\");\n script_version(\"2020-01-23T11:40:17+0000\");\n script_cve_id(\"CVE-2019-8936\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-01-23 11:40:17 +0000 (Thu, 23 Jan 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-01-23 11:40:17 +0000 (Thu, 23 Jan 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1356)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-2\\.5\\.3\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2019-1356\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1356\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ntp' package(s) announced via the EulerOS-SA-2019-1356 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"NTP through 4.2.8p12 has a NULL Pointer Dereference.CVE-2019-8936\");\n\n script_tag(name:\"affected\", value:\"'ntp' package(s) on Huawei EulerOS Virtualization 2.5.3.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-2.5.3\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ntp\", rpm:\"ntp~4.2.6p5~25.0.1.h20\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ntpdate\", rpm:\"ntpdate~4.2.6p5~25.0.1.h20\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sntp\", rpm:\"sntp~4.2.6p5~25.0.1.h20\", rls:\"EULEROSVIRT-2.5.3\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:17", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936"], "description": "The remote host is missing an update for the ", "modified": "2019-05-23T00:00:00", "published": "2019-05-07T00:00:00", "id": "OPENVAS:1361412562310875924", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875924", "type": "openvas", "title": "Fedora Update for ntp FEDORA-2019-f781d5c4c6", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875924\");\n script_version(\"2019-05-23T07:06:55+0000\");\n script_cve_id(\"CVE-2019-8936\");\n script_tag(name:\"cvss_base\", value:\"5.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-05-23 07:06:55 +0000 (Thu, 23 May 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-05-07 02:27:56 +0000 (Tue, 07 May 2019)\");\n script_name(\"Fedora Update for ntp FEDORA-2019-f781d5c4c6\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC29\");\n\n script_xref(name:\"FEDORA\", value:\"2019-f781d5c4c6\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NVS2CSG2TQ663CXOZZUJN4STQPMENNP\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the 'ntp'\n package(s) announced via the FEDORA-2019-f781d5c4c6 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Network Time Protocol (NTP) is used to synchronize a computer&#39, s\ntime with another reference time source. This package includes ntpd\n(a daemon which continuously adjusts system time) and utilities used\nto query and configure the ntpd daemon.\n\nPerl scripts are in the ntp-perl package, ntpdate is in the ntpdate\npackage and sntp is in the sntp package. The documentation in HTML\nformat is in the ntp-doc package.\");\n\n script_tag(name:\"affected\", value:\"'ntp' package(s) on Fedora 29.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC29\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ntp\", rpm:\"ntp~4.2.8p13~1.fc29\", rls:\"FC29\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2019-05-29T18:32:13", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936", "CVE-2018-12327", "CVE-2018-7170"], "description": "The remote host is missing an update for\n the ", "modified": "2019-04-07T00:00:00", "published": "2019-04-07T00:00:00", "id": "OPENVAS:1361412562310875556", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562310875556", "type": "openvas", "title": "Fedora Update for ntp FEDORA-2019-694e3aa4e8", "sourceData": "# Copyright (C) 2019 Greenbone Networks GmbH\n# Text descriptions are largely excerpted from the referenced\n# advisory, and are Copyright (C) the respective author(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.875556\");\n script_version(\"2019-04-07T02:08:25+0000\");\n script_cve_id(\"CVE-2019-8936\", \"CVE-2018-12327\", \"CVE-2018-7170\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2019-04-07 02:08:25 +0000 (Sun, 07 Apr 2019)\");\n script_tag(name:\"creation_date\", value:\"2019-04-07 02:08:25 +0000 (Sun, 07 Apr 2019)\");\n script_name(\"Fedora Update for ntp FEDORA-2019-694e3aa4e8\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2019 Greenbone Networks GmbH\");\n script_family(\"Fedora Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/fedora\", \"ssh/login/rpms\", re:\"ssh/login/release=FC28\");\n\n script_xref(name:\"FEDORA\", value:\"2019-694e3aa4e8\");\n script_xref(name:\"URL\", value:\"https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JBGXY7OKWOLT6X6JAPVZRFEP4FLCGGST\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for\n the 'ntp' package(s) announced via the FEDORA-2019-694e3aa4e8 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version\n is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"The Network Time Protocol (NTP) is used to\n synchronize a computer&#39, s time with another reference time source. This\n package includes ntpd (a daemon which continuously adjusts system time) and\n utilities used to query and configure the ntpd daemon.\n\nPerl scripts are in the ntp-perl package, ntpdate is in the ntpdate\npackage and sntp is in the sntp package. The documentation in HTML\nformat is in the ntp-doc package.\");\n\n script_tag(name:\"affected\", value:\"'ntp' package(s) on Fedora 28.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"FC28\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ntp\", rpm:\"ntp~4.2.8p13~1.fc28\", rls:\"FC28\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);\n", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}, {"lastseen": "2020-04-17T16:58:26", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936", "CVE-2018-7184", "CVE-2015-5146", "CVE-2015-7973", "CVE-2015-7704", "CVE-2018-7183"], "description": "The remote host is missing an update for the Huawei EulerOS\n ", "modified": "2020-04-16T00:00:00", "published": "2020-04-16T00:00:00", "id": "OPENVAS:1361412562311220201457", "href": "http://plugins.openvas.org/nasl.php?oid=1361412562311220201457", "type": "openvas", "title": "Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2020-1457)", "sourceData": "# Copyright (C) 2020 Greenbone Networks GmbH\n# Some text descriptions might be excerpted from the referenced\n# advisories, and are Copyright (C) by the respective right holder(s)\n#\n# SPDX-License-Identifier: GPL-2.0-or-later\n#\n# This program is free software; you can redistribute it and/or\n# modify it under the terms of the GNU General Public License\n# as published by the Free Software Foundation; either version 2\n# of the License, or (at your option) any later version.\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.1.2.2020.1457\");\n script_version(\"2020-04-16T05:55:39+0000\");\n script_cve_id(\"CVE-2015-5146\", \"CVE-2015-7973\", \"CVE-2018-7183\", \"CVE-2018-7184\", \"CVE-2019-8936\");\n script_tag(name:\"cvss_base\", value:\"7.5\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:P/I:P/A:P\");\n script_tag(name:\"last_modification\", value:\"2020-04-16 05:55:39 +0000 (Thu, 16 Apr 2020)\");\n script_tag(name:\"creation_date\", value:\"2020-04-16 05:55:39 +0000 (Thu, 16 Apr 2020)\");\n script_name(\"Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2020-1457)\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"Copyright (C) 2020 Greenbone Networks GmbH\");\n script_family(\"Huawei EulerOS Local Security Checks\");\n script_dependencies(\"gb_huawei_euleros_consolidation.nasl\");\n script_mandatory_keys(\"ssh/login/euleros\", \"ssh/login/rpms\", re:\"ssh/login/release=EULEROSVIRT-3\\.0\\.2\\.2\");\n\n script_xref(name:\"EulerOS-SA\", value:\"2020-1457\");\n script_xref(name:\"URL\", value:\"https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2020-1457\");\n\n script_tag(name:\"summary\", value:\"The remote host is missing an update for the Huawei EulerOS\n 'ntp' package(s) announced via the EulerOS-SA-2020-1457 advisory.\");\n\n script_tag(name:\"vuldetect\", value:\"Checks if a vulnerable package version is present on the target host.\");\n\n script_tag(name:\"insight\", value:\"NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936)\n\nntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the 'received' timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704.(CVE-2018-7184)\n\nBuffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array.(CVE-2018-7183)\n\nNTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.(CVE-2015-7973)\n\nntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash) via a NULL byte in a crafted configuration directive packet.(CVE-2015-5146)\");\n\n script_tag(name:\"affected\", value:\"'ntp' package(s) on Huawei EulerOS Virtualization 3.0.2.2.\");\n\n script_tag(name:\"solution\", value:\"Please install the updated package(s).\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"package\");\n\n exit(0);\n}\n\ninclude(\"revisions-lib.inc\");\ninclude(\"pkg-lib-rpm.inc\");\n\nrelease = rpm_get_ssh_release();\nif(!release)\n exit(0);\n\nres = \"\";\nreport = \"\";\n\nif(release == \"EULEROSVIRT-3.0.2.2\") {\n\n if(!isnull(res = isrpmvuln(pkg:\"ntp\", rpm:\"ntp~4.2.6p5~28.h12.eulerosv2r7\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"ntpdate\", rpm:\"ntpdate~4.2.6p5~28.h12.eulerosv2r7\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(!isnull(res = isrpmvuln(pkg:\"sntp\", rpm:\"sntp~4.2.6p5~28.h12.eulerosv2r7\", rls:\"EULEROSVIRT-3.0.2.2\"))) {\n report += res;\n }\n\n if(report != \"\") {\n security_message(data:report);\n } else if (__pkg_match) {\n exit(99);\n }\n exit(0);\n}\n\nexit(0);", "cvss": {"score": 7.5, "vector": "AV:N/AC:L/Au:N/C:P/I:P/A:P"}}], "nessus": [{"lastseen": "2021-01-01T01:20:14", "description": "NTP has a NULL pointer dereference attack in an authenticated mode 6\npacket. (CVE-2019-8936)", "edition": 17, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-05-21T00:00:00", "title": "Amazon Linux AMI : ntp (ALAS-2019-1206)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:amazon:linux:ntp-perl", "p-cpe:/a:amazon:linux:ntp-doc", "p-cpe:/a:amazon:linux:ntpdate", "p-cpe:/a:amazon:linux:ntp", "p-cpe:/a:amazon:linux:ntp-debuginfo", "cpe:/o:amazon:linux"], "id": "ALA_ALAS-2019-1206.NASL", "href": "https://www.tenable.com/plugins/nessus/125292", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from Amazon Linux AMI Security Advisory ALAS-2019-1206.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(125292);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/15\");\n\n script_cve_id(\"CVE-2019-8936\");\n script_xref(name:\"ALAS\", value:\"2019-1206\");\n\n script_name(english:\"Amazon Linux AMI : ntp (ALAS-2019-1206)\");\n script_summary(english:\"Checks rpm output for the updated packages\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Amazon Linux AMI host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"NTP has a NULL pointer dereference attack in an authenticated mode 6\npacket. (CVE-2019-8936)\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://alas.aws.amazon.com/ALAS-2019-1206.html\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Run 'yum update ntp' to update your system.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ntp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ntp-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ntp-perl\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:amazon:linux:ntpdate\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:amazon:linux\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/05/20\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/21\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Amazon Linux Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/AmazonLinux/release\", \"Host/AmazonLinux/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/AmazonLinux/release\");\nif (isnull(release) || !strlen(release)) audit(AUDIT_OS_NOT, \"Amazon Linux\");\nos_ver = pregmatch(pattern: \"^AL(A|\\d)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Amazon Linux\");\nos_ver = os_ver[1];\nif (os_ver != \"A\")\n{\n if (os_ver == 'A') os_ver = 'AMI';\n audit(AUDIT_OS_NOT, \"Amazon Linux AMI\", \"Amazon Linux \" + os_ver);\n}\n\nif (!get_kb_item(\"Host/AmazonLinux/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (rpm_check(release:\"ALA\", reference:\"ntp-4.2.8p12-1.41.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ntp-debuginfo-4.2.8p12-1.41.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ntp-doc-4.2.8p12-1.41.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ntp-perl-4.2.8p12-1.41.amzn1\")) flag++;\nif (rpm_check(release:\"ALA\", reference:\"ntpdate-4.2.8p12-1.41.amzn1\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp / ntp-debuginfo / ntp-doc / ntp-perl / ntpdate\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-07T08:59:14", "description": "According to the version of the ntp packages installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerability :\n\n - NTP through 4.2.8p12 has a NULL Pointer\n Dereference.(CVE-2019-8936)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-09-17T00:00:00", "title": "EulerOS Virtualization for ARM 64 3.0.2.0 : ntp (EulerOS-SA-2019-1938)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936"], "modified": "2019-09-17T00:00:00", "cpe": ["cpe:/o:huawei:euleros:uvp:3.0.2.0", "p-cpe:/a:huawei:euleros:ntpdate", "p-cpe:/a:huawei:euleros:ntp", "p-cpe:/a:huawei:euleros:sntp"], "id": "EULEROS_SA-2019-1938.NASL", "href": "https://www.tenable.com/plugins/nessus/128941", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(128941);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\n \"CVE-2019-8936\"\n );\n\n script_name(english:\"EulerOS Virtualization for ARM 64 3.0.2.0 : ntp (EulerOS-SA-2019-1938)\");\n script_summary(english:\"Checks the rpm output for the updated package.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote EulerOS Virtualization for ARM 64 host is missing a security update.\");\n script_set_attribute(attribute:\"description\", value:\n\"According to the version of the ntp packages installed, the EulerOS\nVirtualization for ARM 64 installation on the remote host is affected\nby the following vulnerability :\n\n - NTP through 4.2.8p12 has a NULL Pointer\n Dereference.(CVE-2019-8936)\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the EulerOS security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\");\n # https://developer.huaweicloud.com/ict/en/site-euleros/euleros/security-advisories/EulerOS-SA-2019-1938\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?8b0d55c4\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected ntp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/09/16\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/09/17\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:ntpdate\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:huawei:euleros:sntp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:huawei:euleros:uvp:3.0.2.0\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Huawei Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/EulerOS/release\", \"Host/EulerOS/rpm-list\", \"Host/EulerOS/uvp_version\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/EulerOS/release\");\nif (isnull(release) || release !~ \"^EulerOS\") audit(AUDIT_OS_NOT, \"EulerOS\");\nuvp = get_kb_item(\"Host/EulerOS/uvp_version\");\nif (uvp != \"3.0.2.0\") audit(AUDIT_OS_NOT, \"EulerOS Virtualization 3.0.2.0\");\nif (!get_kb_item(\"Host/EulerOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\" && \"aarch64\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"EulerOS\", cpu);\nif (\"aarch64\" >!< cpu) audit(AUDIT_ARCH_NOT, \"aarch64\", cpu);\n\nflag = 0;\n\npkgs = [\"ntp-4.2.6p5-28.h9\",\n \"ntpdate-4.2.6p5-28.h9\",\n \"sntp-4.2.6p5-28.h9\"];\n\nforeach (pkg in pkgs)\n if (rpm_check(release:\"EulerOS-2.0\", reference:pkg)) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T01:08:35", "description": "An update of the ntp package has been released.", "edition": 17, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-08-26T00:00:00", "title": "Photon OS 3.0: Ntp PHSA-2019-3.0-0024", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936"], "modified": "2021-01-02T00:00:00", "cpe": ["p-cpe:/a:vmware:photonos:ntp", "cpe:/o:vmware:photonos:3.0"], "id": "PHOTONOS_PHSA-2019-3_0-0024_NTP.NASL", "href": "https://www.tenable.com/plugins/nessus/128156", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\n# The descriptive text and package checks in this plugin were\n# extracted from VMware Security Advisory PHSA-2019-3.0-0024. The text\n# itself is copyright (C) VMware, Inc.\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(128156);\n script_version(\"1.2\");\n script_cvs_date(\"Date: 2020/01/02\");\n\n script_cve_id(\"CVE-2019-8936\");\n\n script_name(english:\"Photon OS 3.0: Ntp PHSA-2019-3.0-0024\");\n script_summary(english:\"Checks the rpm output for the updated packages.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote PhotonOS host is missing multiple security updates.\");\n script_set_attribute(attribute:\"description\", value:\n\"An update of the ntp package has been released.\");\n script_set_attribute(attribute:\"see_also\", value:\"https://github.com/vmware/photon/wiki/Security-Updates-3.0-0024.md\");\n script_set_attribute(attribute:\"solution\", value:\n\"Update the affected Linux packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8936\");\n\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/07/31\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/08/26\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:vmware:photonos:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:vmware:photonos:3.0\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"PhotonOS Local Security Checks\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/PhotonOS/release\", \"Host/PhotonOS/rpm-list\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\n\nrelease = get_kb_item(\"Host/PhotonOS/release\");\nif (isnull(release) || release !~ \"^VMware Photon\") audit(AUDIT_OS_NOT, \"PhotonOS\");\nif (release !~ \"^VMware Photon (?:Linux|OS) 3\\.0(\\D|$)\") audit(AUDIT_OS_NOT, \"PhotonOS 3.0\");\n\nif (!get_kb_item(\"Host/PhotonOS/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"PhotonOS\", cpu);\n\nflag = 0;\n\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"ntp-4.2.8p13-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"ntp-debuginfo-4.2.8p13-1.ph3\")) flag++;\nif (rpm_check(release:\"PhotonOS-3.0\", reference:\"ntp-perl-4.2.8p13-1.ph3\")) flag++;\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-20T14:59:24", "description": "This update for ntp fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-8936: Fixed a NULL pointer exception which could allow an\nauthenticated attcker to cause segmentation fault to ntpd\n(bsc#1128525).\n\nOther issues addressed: Make sure that SLE12 version is higher than\nthe one in SLE11 (bsc#1001182).\n\nFixed several bugs in the BANCOMM reclock driver.\n\nFixed ntp_loopfilter.c snprintf compilation warnings.\n\nFixed spurious initgroups() error message.\n\nFixed STA_NANO struct timex units.\n\nFixed GPS week rollover in libparse.\n\nFixed incorrect poll interval in packet.\n\nAdded a missing check for ENABLE_CMAC.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 15, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-03-28T00:00:00", "title": "SUSE SLES11 Security Update : ntp (SUSE-SU-2019:13991-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936"], "modified": "2019-03-28T00:00:00", "cpe": ["p-cpe:/a:novell:suse_linux:ntp-doc", "cpe:/o:novell:suse_linux:11", "p-cpe:/a:novell:suse_linux:ntp"], "id": "SUSE_SU-2019-13991-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123454", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:13991-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123454);\n script_version(\"1.6\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-8936\");\n\n script_name(english:\"SUSE SLES11 Security Update : ntp (SUSE-SU-2019:13991-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ntp fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-8936: Fixed a NULL pointer exception which could allow an\nauthenticated attcker to cause segmentation fault to ntpd\n(bsc#1128525).\n\nOther issues addressed: Make sure that SLE12 version is higher than\nthe one in SLE11 (bsc#1001182).\n\nFixed several bugs in the BANCOMM reclock driver.\n\nFixed ntp_loopfilter.c snprintf compilation warnings.\n\nFixed spurious initgroups() error message.\n\nFixed STA_NANO struct timex units.\n\nFixed GPS week rollover in libparse.\n\nFixed incorrect poll interval in packet.\n\nAdded a missing check for ENABLE_CMAC.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1001182\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1128525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8936/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-201913991-1.html\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?80312181\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 11-SP4:zypper in -t patch\nslessp4-ntp-13991=1\n\nSUSE Linux Enterprise Debuginfo 11-SP4:zypper in -t patch\ndbgsp4-ntp-13991=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:11\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES11)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES11\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES11\" && (! preg(pattern:\"^(4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES11 SP4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"ntp-4.2.8p13-64.13.1\")) flag++;\nif (rpm_check(release:\"SLES11\", sp:\"4\", reference:\"ntp-doc-4.2.8p13-64.13.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-20T12:40:42", "description": "This update for ntp fixes the following issues :\n\nSecurity issue fixed: &#9; \n\n - CVE-2019-8936: Fixed a NULL pointer exception which\n could allow an authenticated attcker to cause\n segmentation fault to ntpd (bsc#1128525).\n\nOther issues addressed :\n\n - Fixed several bugs in the BANCOMM reclock driver.\n\n - Fixed ntp_loopfilter.c snprintf compilation warnings.\n\n - Fixed spurious initgroups() error message.\n\n - Fixed STA_NANO struct timex units.\n\n - Fixed GPS week rollover in libparse.\n\n - Fixed incorrect poll interval in packet.\n\n - Added a missing check for ENABLE_CMAC.\n\nThis update was imported from the SUSE:SLE-15:Update update project.", "edition": 15, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-04-05T00:00:00", "title": "openSUSE Security Update : ntp (openSUSE-2019-1143)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936"], "modified": "2019-04-05T00:00:00", "cpe": ["cpe:/o:novell:opensuse:15.0", "p-cpe:/a:novell:opensuse:ntp-debuginfo", "p-cpe:/a:novell:opensuse:ntp-debugsource", "p-cpe:/a:novell:opensuse:ntp"], "id": "OPENSUSE-2019-1143.NASL", "href": "https://www.tenable.com/plugins/nessus/123773", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1143.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123773);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-8936\");\n\n script_name(english:\"openSUSE Security Update : ntp (openSUSE-2019-1143)\");\n script_summary(english:\"Check for the openSUSE-2019-1143 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ntp fixes the following issues :\n\nSecurity issue fixed: &#9; \n\n - CVE-2019-8936: Fixed a NULL pointer exception which\n could allow an authenticated attcker to cause\n segmentation fault to ntpd (bsc#1128525).\n\nOther issues addressed :\n\n - Fixed several bugs in the BANCOMM reclock driver.\n\n - Fixed ntp_loopfilter.c snprintf compilation warnings.\n\n - Fixed spurious initgroups() error message.\n\n - Fixed STA_NANO struct timex units.\n\n - Fixed GPS week rollover in libparse.\n\n - Fixed incorrect poll interval in packet.\n\n - Added a missing check for ENABLE_CMAC.\n\nThis update was imported from the SUSE:SLE-15:Update update project.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1128525\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ntp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:15.0\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/04\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/05\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE15\\.0)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"15.0\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ntp-4.2.8p13-lp150.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ntp-debuginfo-4.2.8p13-lp150.8.1\") ) flag++;\nif ( rpm_check(release:\"SUSE15.0\", reference:\"ntp-debugsource-4.2.8p13-lp150.8.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp / ntp-debuginfo / ntp-debugsource\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-20T12:40:44", "description": "This update for ntp fixes the following issues :\n\nSecurity issue fixed: &#9; \n\n - CVE-2019-8936: Fixed a NULL pointer exception which\n could allow an authenticated attcker to cause\n segmentation fault to ntpd (bsc#1128525).\n\nOther isses addressed :\n\n - Fixed an issue which caused openSSL mismatch\n (bsc#1125401)\n\n - Fixed several bugs in the BANCOMM reclock driver.\n\n - Fixed ntp_loopfilter.c snprintf compilation warnings.\n\n - Fixed spurious initgroups() error message.\n\n - Fixed STA_NANO struct timex units.\n\n - Fixed GPS week rollover in libparse.\n\n - Fixed incorrect poll interval in packet.\n\n - Added a missing check for ENABLE_CMAC.\n\nThis update was imported from the SUSE:SLE-12-SP1:Update update\nproject.", "edition": 15, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-04-08T00:00:00", "title": "openSUSE Security Update : ntp (openSUSE-2019-1158)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936"], "modified": "2019-04-08T00:00:00", "cpe": ["p-cpe:/a:novell:opensuse:ntp-debuginfo", "p-cpe:/a:novell:opensuse:ntp-debugsource", "cpe:/o:novell:opensuse:42.3", "p-cpe:/a:novell:opensuse:ntp"], "id": "OPENSUSE-2019-1158.NASL", "href": "https://www.tenable.com/plugins/nessus/123813", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from openSUSE Security Update openSUSE-2019-1158.\n#\n# The text description of this plugin is (C) SUSE LLC.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(123813);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n\n script_cve_id(\"CVE-2019-8936\");\n\n script_name(english:\"openSUSE Security Update : ntp (openSUSE-2019-1158)\");\n script_summary(english:\"Check for the openSUSE-2019-1158 patch\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote openSUSE host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ntp fixes the following issues :\n\nSecurity issue fixed: &#9; \n\n - CVE-2019-8936: Fixed a NULL pointer exception which\n could allow an authenticated attcker to cause\n segmentation fault to ntpd (bsc#1128525).\n\nOther isses addressed :\n\n - Fixed an issue which caused openSSL mismatch\n (bsc#1125401)\n\n - Fixed several bugs in the BANCOMM reclock driver.\n\n - Fixed ntp_loopfilter.c snprintf compilation warnings.\n\n - Fixed spurious initgroups() error message.\n\n - Fixed STA_NANO struct timex units.\n\n - Fixed GPS week rollover in libparse.\n\n - Fixed incorrect poll interval in packet.\n\n - Added a missing check for ENABLE_CMAC.\n\nThis update was imported from the SUSE:SLE-12-SP1:Update update\nproject.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1125401\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.opensuse.org/show_bug.cgi?id=1128525\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ntp packages.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:opensuse:ntp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:opensuse:42.3\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/04/08\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\", \"Host/cpu\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release =~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"openSUSE\");\nif (release !~ \"^(SUSE42\\.3)$\") audit(AUDIT_OS_RELEASE_NOT, \"openSUSE\", \"42.3\", release);\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\nourarch = get_kb_item(\"Host/cpu\");\nif (!ourarch) audit(AUDIT_UNKNOWN_ARCH);\nif (ourarch !~ \"^(i586|i686|x86_64)$\") audit(AUDIT_ARCH_NOT, \"i586 / i686 / x86_64\", ourarch);\n\nflag = 0;\n\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ntp-4.2.8p13-31.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ntp-debuginfo-4.2.8p13-31.9.1\") ) flag++;\nif ( rpm_check(release:\"SUSE42.3\", reference:\"ntp-debugsource-4.2.8p13-31.9.1\") ) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp / ntp-debuginfo / ntp-debugsource\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-14T06:17:36", "description": "This update for ntp fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-8936: Fixed a NULL pointer exception which could allow an\nauthenticated attcker to cause segmentation fault to ntpd\n(bsc#1128525).\n\nOther isses addressed: Fixed an issue which caused openSSL mismatch\n(bsc#1125401)\n\nFixed several bugs in the BANCOMM reclock driver.\n\nFixed ntp_loopfilter.c snprintf compilation warnings.\n\nFixed spurious initgroups() error message.\n\nFixed STA_NANO struct timex units.\n\nFixed GPS week rollover in libparse.\n\nFixed incorrect poll interval in packet.\n\nAdded a missing check for ENABLE_CMAC.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 18, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-03-29T00:00:00", "title": "SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2019:0789-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936"], "modified": "2019-03-29T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:ntp-doc", "p-cpe:/a:novell:suse_linux:ntp-debugsource", "p-cpe:/a:novell:suse_linux:ntp-debuginfo", "p-cpe:/a:novell:suse_linux:ntp"], "id": "SUSE_SU-2019-0789-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123500", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0789-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123500);\n script_version(\"1.5\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/13\");\n\n script_cve_id(\"CVE-2019-8936\");\n\n script_name(english:\"SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2019:0789-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\",\n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\",\n value:\n\"This update for ntp fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-8936: Fixed a NULL pointer exception which could allow an\nauthenticated attcker to cause segmentation fault to ntpd\n(bsc#1128525).\n\nOther isses addressed: Fixed an issue which caused openSSL mismatch\n(bsc#1125401)\n\nFixed several bugs in the BANCOMM reclock driver.\n\nFixed ntp_loopfilter.c snprintf compilation warnings.\n\nFixed spurious initgroups() error message.\n\nFixed STA_NANO struct timex units.\n\nFixed GPS week rollover in libparse.\n\nFixed incorrect poll interval in packet.\n\nAdded a missing check for ENABLE_CMAC.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1125401\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1128525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8936/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190789-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?c7aeff43\"\n );\n script_set_attribute(\n attribute:\"solution\",\n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE OpenStack Cloud 7:zypper in -t patch\nSUSE-OpenStack-Cloud-7-2019-789=1\n\nSUSE Linux Enterprise Server for SAP 12-SP2:zypper in -t patch\nSUSE-SLE-SAP-12-SP2-2019-789=1\n\nSUSE Linux Enterprise Server for SAP 12-SP1:zypper in -t patch\nSUSE-SLE-SAP-12-SP1-2019-789=1\n\nSUSE Linux Enterprise Server 12-SP4:zypper in -t patch\nSUSE-SLE-SERVER-12-SP4-2019-789=1\n\nSUSE Linux Enterprise Server 12-SP3:zypper in -t patch\nSUSE-SLE-SERVER-12-SP3-2019-789=1\n\nSUSE Linux Enterprise Server 12-SP2-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-2019-789=1\n\nSUSE Linux Enterprise Server 12-SP2-BCL:zypper in -t patch\nSUSE-SLE-SERVER-12-SP2-BCL-2019-789=1\n\nSUSE Linux Enterprise Server 12-SP1-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-SP1-2019-789=1\n\nSUSE Linux Enterprise Desktop 12-SP4:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP4-2019-789=1\n\nSUSE Linux Enterprise Desktop 12-SP3:zypper in -t patch\nSUSE-SLE-DESKTOP-12-SP3-2019-789=1\n\nSUSE Enterprise Storage 4:zypper in -t patch SUSE-Storage-4-2019-789=1\n\nSUSE CaaS Platform ALL :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\n\nSUSE CaaS Platform 3.0 :\n\nTo install this update, use the SUSE CaaS Platform Velum dashboard. It\nwill inform you if it detects new updates and let you then trigger\nupdating of the complete cluster in a controlled way.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/29\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2021 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLED12|SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLED12 / SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(1|2|3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP1/2/3/4\", os_ver + \" SP\" + sp);\nif (os_ver == \"SLED12\" && (! preg(pattern:\"^(3|4)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLED12 SP3/4\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ntp-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ntp-debuginfo-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ntp-debugsource-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"1\", reference:\"ntp-doc-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"ntp-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"ntp-debuginfo-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"ntp-debugsource-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"4\", reference:\"ntp-doc-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"ntp-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"ntp-debuginfo-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"ntp-debugsource-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"3\", reference:\"ntp-doc-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"ntp-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"ntp-debuginfo-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"ntp-debugsource-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"2\", reference:\"ntp-doc-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"ntp-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"ntp-debuginfo-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"ntp-debugsource-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"4\", cpu:\"x86_64\", reference:\"ntp-doc-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ntp-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ntp-debuginfo-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ntp-debugsource-4.2.8p13-85.1\")) flag++;\nif (rpm_check(release:\"SLED12\", sp:\"3\", cpu:\"x86_64\", reference:\"ntp-doc-4.2.8p13-85.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T02:27:17", "description": "Security fix for CVE-2019-8936\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.", "edition": 17, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-05-02T00:00:00", "title": "Fedora 30 : ntp (2019-b0c7f0d94a)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:fedoraproject:fedora:30", "p-cpe:/a:fedoraproject:fedora:ntp"], "id": "FEDORA_2019-B0C7F0D94A.NASL", "href": "https://www.tenable.com/plugins/nessus/124532", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Fedora Security Advisory FEDORA-2019-b0c7f0d94a.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(124532);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/21\");\n\n script_cve_id(\"CVE-2019-8936\");\n script_xref(name:\"FEDORA\", value:\"2019-b0c7f0d94a\");\n\n script_name(english:\"Fedora 30 : ntp (2019-b0c7f0d94a)\");\n script_summary(english:\"Checks rpm output for the updated package.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Fedora host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Security fix for CVE-2019-8936\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the Fedora update system website.\nTenable has attempted to automatically clean and format it as much as\npossible without introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bodhi.fedoraproject.org/updates/FEDORA-2019-b0c7f0d94a\"\n );\n script_set_attribute(attribute:\"solution\", value:\"Update the affected ntp package.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:fedoraproject:fedora:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:fedoraproject:fedora:30\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/04/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/05/02\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"Fedora Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/RedHat/release\", \"Host/RedHat/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/RedHat/release\");\nif (isnull(release) || \"Fedora\" >!< release) audit(AUDIT_OS_NOT, \"Fedora\");\nos_ver = pregmatch(pattern: \"Fedora.*release ([0-9]+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"Fedora\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^30([^0-9]|$)\", string:os_ver)) audit(AUDIT_OS_NOT, \"Fedora 30\", \"Fedora \" + os_ver);\n\nif (!get_kb_item(\"Host/RedHat/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (\"x86_64\" >!< cpu && cpu !~ \"^i[3-6]86$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Fedora\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"FC30\", reference:\"ntp-4.2.8p13-1.fc30\")) flag++;\n\n\nif (flag)\n{\n security_report_v4(\n port : 0,\n severity : SECURITY_WARNING,\n extra : rpm_report_get()\n );\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2020-09-14T16:32:37", "description": "The version of the remote NTP server is 4.x prior to 4.2.8p13, or is\n4.3.x prior to 4.3.94. It is, therefore, affected by a denial of\nservice vulnerability due to a flaw in handling authenticated mode 6\ntraffic. An authenticated attacker can exploit this issue to cause\napplication crashes.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.", "edition": 10, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-03-12T00:00:00", "title": "Network Time Protocol Daemon (ntpd) 4.x < 4.2.8p13 / 4.3.x < 4.3.94 DoS", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936"], "modified": "2019-03-12T00:00:00", "cpe": ["cpe:/a:ntp:ntp"], "id": "NTP_4_2_8P13.NASL", "href": "https://www.tenable.com/plugins/nessus/122777", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(122777);\n script_version(\"1.4\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2020/04/24\");\n\n script_cve_id(\"CVE-2019-8936\");\n script_bugtraq_id(107337);\n script_xref(name:\"IAVA\", value:\"2019-A-0078-S\");\n\n script_name(english:\"Network Time Protocol Daemon (ntpd) 4.x < 4.2.8p13 / 4.3.x < 4.3.94 DoS\");\n script_summary(english:\"Checks for a vulnerable NTP server.\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"The remote NTP server is affected by a denial of service vulnerability.\");\n script_set_attribute(attribute:\"description\", value:\n\"The version of the remote NTP server is 4.x prior to 4.2.8p13, or is\n4.3.x prior to 4.3.94. It is, therefore, affected by a denial of\nservice vulnerability due to a flaw in handling authenticated mode 6\ntraffic. An authenticated attacker can exploit this issue to cause\napplication crashes.\n\nNote that Nessus has not tested for this issue but has instead relied\nonly on the application's self-reported version number.\");\n # http://support.ntp.org/bin/view/Main/SecurityNotice#March_2019_ntp_4_2_8p13_NTP_Rele\n script_set_attribute(attribute:\"see_also\", value:\"http://www.nessus.org/u?1a6578d4\");\n script_set_attribute(attribute:\"see_also\", value:\"http://support.ntp.org/bin/view/Main/NtpBug3565\");\n script_set_attribute(attribute:\"solution\", value:\n\"Upgrade to NTP version 4.2.8p13, 4.3.94 or later.\");\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"cvss_score_source\", value:\"CVE-2019-8936\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/03/07\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/07\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/12\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/a:ntp:ntp\");\n script_set_attribute(attribute:\"potential_vulnerability\", value:\"true\");\n script_set_attribute(attribute:\"stig_severity\", value:\"I\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_family(english:\"Misc.\");\n\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n\n script_dependencies(\"ntp_open.nasl\");\n script_require_keys(\"NTP/Running\", \"Settings/ParanoidReport\");\n\n exit(0);\n}\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"misc_func.inc\");\n\n# Paranoia check\nif (report_paranoia < 2) audit(AUDIT_PARANOID);\n\n# Make sure NTP server is running\nget_kb_item_or_exit('NTP/Running');\n\napp_name = \"NTP Server\";\n\nport = get_kb_item(\"Services/udp/ntp\");\nif (empty_or_null(port)) port = 123;\n\nversion = get_kb_item_or_exit(\"Services/ntp/version\");\nif (version == 'unknown') audit(AUDIT_UNKNOWN_APP_VER, app_name);\n\nmatch = pregmatch(string:version, pattern:\"([0-9]+\\.[0-9]+\\.[0-9p]+)\");\nif (empty_or_null(match)) audit(AUDIT_UNKNOWN_APP_VER, app_name);\n\nver = match[1];\nverfields = split(ver, sep:\".\", keep:FALSE);\nmajor = int(verfields[0]);\nminor = int(verfields[1]);\nif ('p' >< verfields[2])\n{\n revpatch = split(verfields[2], sep:\"p\", keep:FALSE);\n rev = int(revpatch[0]);\n patch = int(revpatch[1]);\n}\nelse\n{\n rev = verfields[2];\n patch = 0;\n}\n\n# This vulnerability affects NTP 4.x < 4.2.8p13\n# Check for vuln, else audit out.\nif (\n (major == 4 && minor < 2) ||\n (major == 4 && minor == 2 && rev < 8) ||\n (major == 4 && minor == 2 && rev == 8 && patch < 13)\n)\n{\n fix = \"4.2.8p13\";\n}\nelse if (major == 4 && minor == 3 && rev < 94)\n{\n fix = \"4.3.94\";\n}\nelse audit(AUDIT_INST_VER_NOT_VULN, app_name, version);\n\nreport =\n '\\n Installed version : ' + version +\n '\\n Fixed version : ' + fix +\n '\\n';\n\nsecurity_report_v4(\n port : port,\n proto : \"udp\",\n extra : report,\n severity : SECURITY_WARNING\n);\nexit(0);\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}, {"lastseen": "2021-01-01T06:16:18", "description": "This update for ntp fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-8936: Fixed a NULL pointer exception which could allow an\nauthenticated attcker to cause segmentation fault to ntpd\n(bsc#1128525).\n\nOther issues addressed: Fixed several bugs in the BANCOMM reclock\ndriver.\n\nFixed ntp_loopfilter.c snprintf compilation warnings.\n\nFixed spurious initgroups() error message.\n\nFixed STA_NANO struct timex units.\n\nFixed GPS week rollover in libparse.\n\nFixed incorrect poll interval in packet.\n\nAdded a missing check for ENABLE_CMAC.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.", "edition": 17, "cvss3": {"score": 7.5, "vector": "AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H"}, "published": "2019-03-28T00:00:00", "title": "SUSE SLES12 Security Update : ntp (SUSE-SU-2019:0775-1)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2019-8936"], "modified": "2021-01-02T00:00:00", "cpe": ["cpe:/o:novell:suse_linux:12", "p-cpe:/a:novell:suse_linux:ntp-doc", "p-cpe:/a:novell:suse_linux:ntp-debugsource", "p-cpe:/a:novell:suse_linux:ntp-debuginfo", "p-cpe:/a:novell:suse_linux:ntp"], "id": "SUSE_SU-2019-0775-1.NASL", "href": "https://www.tenable.com/plugins/nessus/123449", "sourceData": "#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were\n# extracted from SUSE update advisory SUSE-SU-2019:0775-1.\n# The text itself is copyright (C) SUSE.\n#\n\ninclude(\"compat.inc\");\n\nif (description)\n{\n script_id(123449);\n script_version(\"1.4\");\n script_cvs_date(\"Date: 2020/01/27\");\n\n script_cve_id(\"CVE-2019-8936\");\n\n script_name(english:\"SUSE SLES12 Security Update : ntp (SUSE-SU-2019:0775-1)\");\n script_summary(english:\"Checks rpm output for the updated packages.\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote SUSE host is missing one or more security updates.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"This update for ntp fixes the following issues :\n\nSecurity issue fixed :\n\nCVE-2019-8936: Fixed a NULL pointer exception which could allow an\nauthenticated attcker to cause segmentation fault to ntpd\n(bsc#1128525).\n\nOther issues addressed: Fixed several bugs in the BANCOMM reclock\ndriver.\n\nFixed ntp_loopfilter.c snprintf compilation warnings.\n\nFixed spurious initgroups() error message.\n\nFixed STA_NANO struct timex units.\n\nFixed GPS week rollover in libparse.\n\nFixed incorrect poll interval in packet.\n\nAdded a missing check for ENABLE_CMAC.\n\nNote that Tenable Network Security has extracted the preceding\ndescription block directly from the SUSE security advisory. Tenable\nhas attempted to automatically clean and format it as much as possible\nwithout introducing additional issues.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugzilla.suse.com/show_bug.cgi?id=1128525\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://www.suse.com/security/cve/CVE-2019-8936/\"\n );\n # https://www.suse.com/support/update/announcement/2019/suse-su-20190775-1/\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.nessus.org/u?bdf1ec04\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"To install this SUSE Security Update use the SUSE recommended\ninstallation methods like YaST online_update or 'zypper patch'.\n\nAlternatively you can run the command listed for your product :\n\nSUSE Linux Enterprise Server 12-LTSS:zypper in -t patch\nSUSE-SLE-SERVER-12-2019-775=1\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:N/I:N/A:P\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_cvss3_base_vector(\"CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H\");\n script_set_cvss3_temporal_vector(\"CVSS:3.0/E:U/RL:O/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp-debuginfo\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp-debugsource\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:novell:suse_linux:ntp-doc\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:novell:suse_linux:12\");\n\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2019/05/15\");\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2019/03/27\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2019/03/28\");\n script_set_attribute(attribute:\"generated_plugin\", value:\"current\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.\");\n script_family(english:\"SuSE Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/SuSE/release\", \"Host/SuSE/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nrelease = get_kb_item(\"Host/SuSE/release\");\nif (isnull(release) || release !~ \"^(SLED|SLES)\") audit(AUDIT_OS_NOT, \"SUSE\");\nos_ver = pregmatch(pattern: \"^(SLE(S|D)\\d+)\", string:release);\nif (isnull(os_ver)) audit(AUDIT_UNKNOWN_APP_VER, \"SUSE\");\nos_ver = os_ver[1];\nif (! preg(pattern:\"^(SLES12)$\", string:os_ver)) audit(AUDIT_OS_NOT, \"SUSE SLES12\", \"SUSE \" + os_ver);\n\nif (!get_kb_item(\"Host/SuSE/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif (cpu !~ \"^i[3-6]86$\" && \"x86_64\" >!< cpu && \"s390x\" >!< cpu) audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"SUSE \" + os_ver, cpu);\n\nsp = get_kb_item(\"Host/SuSE/patchlevel\");\nif (isnull(sp)) sp = \"0\";\nif (os_ver == \"SLES12\" && (! preg(pattern:\"^(0)$\", string:sp))) audit(AUDIT_OS_NOT, \"SLES12 SP0\", os_ver + \" SP\" + sp);\n\n\nflag = 0;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"ntp-4.2.8p13-46.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"ntp-debuginfo-4.2.8p13-46.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"ntp-debugsource-4.2.8p13-46.32.1\")) flag++;\nif (rpm_check(release:\"SLES12\", sp:\"0\", reference:\"ntp-doc-4.2.8p13-46.32.1\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse\n{\n tested = pkg_tests_get();\n if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);\n else audit(AUDIT_PACKAGE_NOT_INSTALLED, \"ntp\");\n}\n", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "amazon": [{"lastseen": "2020-11-10T12:36:02", "bulletinFamily": "unix", "cvelist": ["CVE-2019-8936"], "description": "**Issue Overview:**\n\nNTP has a NULL pointer dereference attack in an authenticated mode 6 packet. ([CVE-2019-8936 __](<https://access.redhat.com/security/cve/CVE-2019-8936>))\n\n \n**Affected Packages:** \n\n\nntp\n\n \n**Issue Correction:** \nRun _yum update ntp_ to update your system. \n\n\n \n\n\n**New Packages:**\n \n \n i686: \n ntp-debuginfo-4.2.8p12-1.41.amzn1.i686 \n ntp-4.2.8p12-1.41.amzn1.i686 \n ntpdate-4.2.8p12-1.41.amzn1.i686 \n \n noarch: \n ntp-doc-4.2.8p12-1.41.amzn1.noarch \n ntp-perl-4.2.8p12-1.41.amzn1.noarch \n \n src: \n ntp-4.2.8p12-1.41.amzn1.src \n \n x86_64: \n ntp-4.2.8p12-1.41.amzn1.x86_64 \n ntp-debuginfo-4.2.8p12-1.41.amzn1.x86_64 \n ntpdate-4.2.8p12-1.41.amzn1.x86_64 \n \n \n", "edition": 5, "modified": "2019-05-16T22:30:00", "published": "2019-05-16T22:30:00", "id": "ALAS-2019-1206", "href": "https://alas.aws.amazon.com/ALAS-2019-1206.html", "title": "Medium: ntp", "type": "amazon", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "suse": [{"lastseen": "2019-04-05T03:13:16", "bulletinFamily": "unix", "cvelist": ["CVE-2019-8936"], "description": "This update for ntp fixes the following issues:\n\n Security issue fixed:\n\n - CVE-2019-8936: Fixed a null pointer exception which could allow an\n authenticated attcker to cause segmentation fault to ntpd (bsc#1128525).\n\n Other issues addressed:\n\n - Fixed several bugs in the BANCOMM reclock driver.\n - Fixed ntp_loopfilter.c snprintf compilation warnings.\n - Fixed spurious initgroups() error message.\n - Fixed STA_NANO struct timex units.\n - Fixed GPS week rollover in libparse.\n - Fixed incorrect poll interval in packet.\n - Added a missing check for ENABLE_CMAC.\n\n This update was imported from the SUSE:SLE-15:Update update project.\n\n", "edition": 1, "modified": "2019-04-05T00:26:27", "published": "2019-04-05T00:26:27", "id": "OPENSUSE-SU-2019:1143-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00032.html", "title": "Security update for ntp (moderate)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}, {"lastseen": "2019-04-05T17:13:26", "bulletinFamily": "unix", "cvelist": ["CVE-2019-8936"], "description": "This update for ntp fixes the following issues:\n\n Security issue fixed:\n\n - CVE-2019-8936: Fixed a null pointer exception which could allow an\n authenticated attcker to cause segmentation fault to ntpd (bsc#1128525).\n\n Other isses addressed:\n\n - Fixed an issue which caused openSSL mismatch (bsc#1125401)\n - Fixed several bugs in the BANCOMM reclock driver.\n - Fixed ntp_loopfilter.c snprintf compilation warnings.\n - Fixed spurious initgroups() error message.\n - Fixed STA_NANO struct timex units.\n - Fixed GPS week rollover in libparse.\n - Fixed incorrect poll interval in packet.\n - Added a missing check for ENABLE_CMAC.\n\n This update was imported from the SUSE:SLE-12-SP1:Update update project.\n\n", "edition": 1, "modified": "2019-04-05T15:10:38", "published": "2019-04-05T15:10:38", "id": "OPENSUSE-SU-2019:1158-1", "href": "http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00036.html", "title": "Security update for ntp (moderate)", "type": "suse", "cvss": {"score": 0.0, "vector": "NONE"}}], "freebsd": [{"lastseen": "2019-07-30T23:42:56", "bulletinFamily": "unix", "cvelist": ["CVE-2019-8936"], "description": "\nNetwork Time Foundation reports:\n\nA crafted malicious authenticated mode 6 (ntpq) packet from a\n\t permitted network address can trigger a NULL pointer dereference,\n\t crashing ntpd.\nNote that for this attack to work, the sending\n\t system must be on an address that the target's ntpd accepts mode 6\n\t packets from, and must use a private key that is specifically\n\t listed as being used for mode 6 authorization.\nImpact: The ntpd daemon can crash due to the NULL pointer\n\t dereference, causing a denial of service.\nMitigation:\n\nUse restrict noquery to limit addresses that can send mode 6\n\t queries.\nLimit access to the private controlkey in ntp.keys.\nUpgrade to 4.2.8p13, or later.\n\n\n", "edition": 4, "modified": "2019-07-30T00:00:00", "published": "2019-01-15T00:00:00", "id": "C2576E14-36E2-11E9-9EDA-206A8A720317", "href": "https://vuxml.freebsd.org/freebsd/c2576e14-36e2-11e9-9eda-206a8a720317.html", "title": "ntp -- Crafted null dereference attack from a trusted source with an authenticated mode 6 packet", "type": "freebsd", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "aix": [{"lastseen": "2020-07-14T19:24:52", "bulletinFamily": "unix", "cvelist": ["CVE-2019-8936"], "description": "IBM SECURITY ADVISORY\n\nFirst Issued: Mon Aug 19 16:44:22 CDT 2019\n\nThe most recent version of this document is available here:\nhttp://aix.software.ibm.com/aix/efixes/security/ntp_advisory12.asc\nhttps://aix.software.ibm.com/aix/efixes/security/ntp_advisory12.asc\nftp://aix.software.ibm.com/aix/efixes/security/ntp_advisory12.asc\n\nSecurity Bulletin: Vulnerability in NTP affects AIX (CVE-2019-8936)\n\n===============================================================================\n\nSUMMARY:\n\n There is a vulnerability in NTPv3 and NTPv4 that affects AIX.\n\n\n===============================================================================\n\nVULNERABILITY DETAILS:\n\n NTPv3 and NTPv4 are vulnerable to:\n\n CVEID: CVE-2019-8936\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8936\n https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8936\n DESCRIPTION: NTP is vulnerable to a denial of service, caused by a NULL \n pointer dereference in ntp_control.c. By sending specially crafted \n mode 6 packets, a remote authenticated attacker could exploit this \n vulnerability to cause the ntpd daemon to SIGSEGV.\n CVSS Base Score: 5.3\n CVSS Temporal Score: See\n https://exchange.xforce.ibmcloud.com/vulnerabilities/158926\n for the current score\n CVSS Environmental Score*: Undefined\n CVSS Vector: (CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H)\n\n\n AFFECTED PRODUCTS AND VERSIONS:\n \n AIX 7.1, 7.2\n VIOS 2.2, 3.1\n\n The vulnerabilities in the following filesets are being addressed:\n \n key_fileset = aix\n\n For NTPv3:\n\n Fileset Lower Level Upper Level KEY PRODUCT(S) \n ---------------------------------------------------------------------\n bos.net.tcp.client 6.1.9.0 6.1.9.403 key_w_fs NTPv3\n bos.net.tcp.client 7.1.4.0 7.1.4.35 key_w_fs NTPv3\n bos.net.tcp.client 7.1.5.0 7.1.5.33 key_w_fs NTPv3\n bos.net.tcp.ntpd 7.2.1.0 7.2.1.3 key_w_fs NTPv3\n bos.net.tcp.ntpd 7.2.2.0 7.2.2.17 key_w_fs NTPv3\n bos.net.tcp.ntpd 7.2.3.0 7.2.3.15 key_w_fs NTPv3\n\n For NTPv4:\n\n Fileset Lower Level Upper Level KEY PRODUCT(S)\n ---------------------------------------------------------------------\n ntp.rte 7.4.2.8100 7.4.2.8121 key_w_fs NTPv4 \n\n \n To find out whether the affected filesets are installed \n on your systems, refer to the lslpp command found in AIX user's guide.\n\n Example: lslpp -L | grep -i bos.net.tcp.client\n\n\n REMEDIATION:\n\n A. APARS\n \n IBM has assigned the following APARs to this problem:\n\n For NTPv3:\n\n AIX Level APAR Availability SP KEY PRODUCT(S)\n ------------------------------------------------------------\n 7.1.4 IJ17061 ** N/A key_w_apar NTPv3\n 7.1.5 IJ17062 ** SP5 key_w_apar NTPv3\n 7.2.1 IJ17063 ** N/A key_w_apar NTPv3\n 7.2.2 IJ17064 ** SP5 key_w_apar NTPv3\n 7.2.3 IJ17065 ** SP4 key_w_apar NTPv3\n\n VIOS Level APAR Availability SP KEY PRODUCT(S)\n ----------------------------------------------------------------\n 2.2.5 IJ17060 ** N/A key_w_apar NTPv3\n 2.2.6 IJ17060 ** 2.2.6.50 key_w_apar NTPv3\n 3.1.0 IJ17065 ** 3.1.0.30 key_w_apar NTPv3\n\n For NTPv4:\n\n AIX Level APAR Availability SP KEY PRODUCT(S)\n ------------------------------------------------------------\n 7.1.4 IJ17059 ** N/A key_w_apar NTPv4\n 7.1.5 IJ17059 ** SP5 key_w_apar NTPv4\n 7.2.1 IJ17059 ** N/A key_w_apar NTPv4\n 7.2.2 IJ17059 ** SP5 key_w_apar NTPv4\n 7.2.3 IJ17059 ** SP4 key_w_apar NTPv4\n\n VIOS Level APAR Availability SP KEY PRODUCT(S)\n ----------------------------------------------------------------\n 2.2.5 IJ17059 ** N/A key_w_apar NTPv4\n 2.2.6 IJ17059 ** 2.2.6.50 key_w_apar NTPv4\n 3.1.0 IJ17059 ** 3.1.0.30 key_w_apar NTPv4\n\n Subscribe to the APARs here:\n\n http://www.ibm.com/support/docview.wss?uid=isg1IJ17060\n http://www.ibm.com/support/docview.wss?uid=isg1IJ17061\n http://www.ibm.com/support/docview.wss?uid=isg1IJ17062\n http://www.ibm.com/support/docview.wss?uid=isg1IJ17063\n http://www.ibm.com/support/docview.wss?uid=isg1IJ17064\n http://www.ibm.com/support/docview.wss?uid=isg1IJ17065\n http://www.ibm.com/support/docview.wss?uid=isg1IJ17059\n\n https://www.ibm.com/support/docview.wss?uid=isg1IJ17060\n https://www.ibm.com/support/docview.wss?uid=isg1IJ17061\n https://www.ibm.com/support/docview.wss?uid=isg1IJ17062\n https://www.ibm.com/support/docview.wss?uid=isg1IJ17063\n https://www.ibm.com/support/docview.wss?uid=isg1IJ17064\n https://www.ibm.com/support/docview.wss?uid=isg1IJ17065\n https://www.ibm.com/support/docview.wss?uid=isg1IJ17059\n\n By subscribing, you will receive periodic email alerting you\n to the status of the APAR, and a link to download the fix once\n it becomes available.\n\n B. FIXES\n\n AIX and VIOS fixes are available.\n\n The AIX/VIOS fixes can be downloaded via ftp or http from:\n\n ftp://aix.software.ibm.com/aix/efixes/security/ntp_fix12.tar\n http://aix.software.ibm.com/aix/efixes/security/ntp_fix12.tar\n https://aix.software.ibm.com/aix/efixes/security/ntp_fix12.tar \n\n The link above is to a tar file containing this signed\n advisory, fix packages, and OpenSSL signatures for each package.\n The fixes below include prerequisite checking. This will\n enforce the correct mapping between the fixes and AIX\n Technology Levels.\n \n For NTPv3:\n \n AIX Level Interim Fix (*.Z) KEY PRODUCT(S)\n ----------------------------------------------------------\n 7.1.4.6 IJ17061m8a.190628.epkg.Z key_w_fix NTPv3\n 7.1.4.7 IJ17061m8a.190628.epkg.Z key_w_fix NTPv3\n 7.1.4.8 IJ17061m8a.190628.epkg.Z key_w_fix NTPv3\n 7.1.5.2 IJ17062m4a.190628.epkg.Z key_w_fix NTPv3\n 7.1.5.3 IJ17062m4a.190628.epkg.Z key_w_fix NTPv3\n 7.1.5.4 IJ17062m4a.190628.epkg.Z key_w_fix NTPv3\n 7.2.1.4 IJ17063m6a.190701.epkg.Z key_w_fix NTPv3\n 7.2.1.5 IJ17063m6a.190701.epkg.Z key_w_fix NTPv3\n 7.2.1.6 IJ17063m6a.190701.epkg.Z key_w_fix NTPv3\n 7.2.2.2 IJ17064m4a.190701.epkg.Z key_w_fix NTPv3\n 7.2.2.3 IJ17064m4a.190701.epkg.Z key_w_fix NTPv3\n 7.2.2.4 IJ17064m4a.190701.epkg.Z key_w_fix NTPv3\n 7.2.3.1 IJ17065m3a.190701.epkg.Z key_w_fix NTPv3\n 7.2.3.2 IJ17065m3a.190701.epkg.Z key_w_fix NTPv3\n 7.2.3.3 IJ17065m3a.190701.epkg.Z key_w_fix NTPv3\n\n Please note that the above table refers to AIX TL/SP level as\n opposed to fileset level, i.e., 7.2.2.2 is AIX 7200-02-02.\n\n\n VIOS Level Interim Fix (*.Z) KEY PRODUCT(S)\n -----------------------------------------------------------\n 2.2.5.40 IJ17060m9a.190628.epkg.Z key_w_fix NTPv3\n 2.2.5.50 IJ17060m9a.190628.epkg.Z key_w_fix NTPv3\n 2.2.5.60 IJ17060m9a.190628.epkg.Z key_w_fix NTPv3\n 2.2.6.20 IJ17060m9a.190628.epkg.Z key_w_fix NTPv3\n 2.2.6.21 IJ17060m9a.190628.epkg.Z key_w_fix NTPv3\n 2.2.6.23 IJ17060m9a.190628.epkg.Z key_w_fix NTPv3\n 2.2.6.30 IJ17060m9a.190628.epkg.Z key_w_fix NTPv3\n 2.2.6.31 IJ17060m9a.190628.epkg.Z key_w_fix NTPv3\n 2.2.6.32 IJ17060m9a.190628.epkg.Z key_w_fix NTPv3\n 2.2.6.40 IJ17060m9a.190628.epkg.Z key_w_fix NTPv3\n 2.2.6.41 IJ17060m9a.190628.epkg.Z key_w_fix NTPv3\n 3.1.0.0 IJ17065m3a.190701.epkg.Z key_w_fix NTPv3\n 3.1.0.10 IJ17065m3a.190701.epkg.Z key_w_fix NTPv3\n 3.1.0.20 IJ17065m3a.190701.epkg.Z key_w_fix NTPv3\n 3.1.0.21 IJ17065m3a.190701.epkg.Z key_w_fix NTPv3\n\n\n For NTPv4:\n\n AIX Level Interim Fix (*.Z) KEY PRODUCT(S)\n ----------------------------------------------------------\n 7.1.x IJ17059m9b.190719.epkg.Z key_w_fix NTPv4\n 7.2.x IJ17059m9b.190719.epkg.Z key_w_fix NTPv4\n\n VIOS Level Interim Fix (*.Z) KEY PRODUCT(S)\n -----------------------------------------------------------\n 2.2.x IJ17059m9b.190719.epkg.Z key_w_fix NTPv4\n 3.1.0.x IJ17059m9b.190719.epkg.Z key_w_fix NTPv4\n\n To extract the fixes from the tar file:\n\n tar xvf ntp_fix12.tar \n cd ntp_fix12\n\n Verify you have retrieved the fixes intact:\n\n The checksums below were generated using the\n \"openssl dgst -sha256 file\" command as the following:\n\n openssl dgst -sha256 filename KEY\n -----------------------------------------------------------------------------------------------------\n 5543f8cfe79e9b260b1ffd795f1e755d063564cb436e77b56ccf3c806378d2ca IJ17059m9b.190719.epkg.Z key_w_csum\n fa9702b1406fd3b1437ac333f4a5a35cc8c8b6322a83970fbed6cf3f0ea73d5d IJ17060m9a.190628.epkg.Z key_w_csum\n 6b15b60f21f0a6e9506373ac5178aaf6a11e12a54087b27120614641222d0c48 IJ17061m8a.190628.epkg.Z key_w_csum\n 97e5c6ff951552e0b88a7ea61cf4b368844ae9d72721d923176f3c55b7340a0a IJ17062m4a.190628.epkg.Z key_w_csum\n cd980f0e6ef7c69e5d1ad48eeb4bfc6f621a34747af28bf2c3e161e89fce251b IJ17063m6a.190701.epkg.Z key_w_csum\n fa52c67254367424a611a269932b6de63c1d404ed9dd6cfa79eab465b91f11c6 IJ17064m4a.190701.epkg.Z key_w_csum\n 71bfbe4fb5697bc18d5a5d5524c9d64f08040aea04de765d1c1183c532006ef7 IJ17065m3a.190701.epkg.Z key_w_csum\n\n These sums should match exactly. The OpenSSL signatures in the tar\n file and on this advisory can also be used to verify the\n integrity of the fixes. If the sums or signatures cannot be\n confirmed, contact IBM Support at\n http://ibm.com/support/ and describe the discrepancy. \n \n openssl dgst -sha1 -verify [pubkey_file] -signature [advisory_file].sig [advisory_file]\n \n openssl dgst -sha1 -verify [pubkey_file] -signature [ifix_file].sig [ifix_file]\n\n Published advisory OpenSSL signature file location:\n \n http://aix.software.ibm.com/aix/efixes/security/ntp_advisory12.asc.sig\n https://aix.software.ibm.com/aix/efixes/security/ntp_advisory12.asc.sig\n ftp://aix.software.ibm.com/aix/efixes/security/ntp_advisory12.asc.sig \n\n C. FIX AND INTERIM FIX INSTALLATION\n\n If possible, it is recommended that a mksysb backup of the system \n be created. Verify it is both bootable and readable before\n proceeding.\n\n The fix will not take affect until any running xntpd servers\n have been stopped and restarted with the following commands:\n\n stopsrc -s xntpd\n startsrc -s xntpd\n\n To preview a fix installation:\n\n installp -a -d fix_name -p all # where fix_name is the name of the\n # fix package being previewed.\n To install a fix package:\n\n installp -a -d fix_name -X all # where fix_name is the name of the\n # fix package being installed.\n\n After installation the ntp daemon must be restarted:\n\n stopsrc -s xntpd\n startsrc -s xntpd\n\n Interim fixes have had limited functional and regression\n testing but not the full regression testing that takes place\n for Service Packs; however, IBM does fully support them.\n\n Interim fix management documentation can be found at:\n\n http://www14.software.ibm.com/webapp/set2/sas/f/aix.efixmgmt/home.html\n\n To preview an interim fix installation:\n\n emgr -e ipkg_name -p # where ipkg_name is the name of the\n # interim fix package being previewed.\n\n To install an interim fix package:\n\n emgr -e ipkg_name -X # where ipkg_name is the name of the\n # interim fix package being installed.\n\n WORKAROUNDS AND MITIGATIONS:\n\n None.\n\n\n===============================================================================\n\nCONTACT US:\n\n Note: Keywords labeled as KEY in this document are used for parsing\n purposes.\n\n If you would like to receive AIX Security Advisories via email,\n please visit \"My Notifications\":\n\n http://www.ibm.com/support/mynotifications\n\n To view previously issued advisories, please visit:\n\n http://www14.software.ibm.com/webapp/set2/subscriptions/onvdq\n \n Contact IBM Support for questions related to this announcement:\n\n http://ibm.com/support/\n https://ibm.com/support/\n\n To obtain the OpenSSL public key that can be used to verify the\n signed advisories and ifixes:\n\n Download the key from our web page:\n\n ftp://ftp.software.ibm.com/systems/power/AIX/systems_p_os_aix_security_pubkey.txt\n\n Please contact your local IBM AIX support center for any\n assistance.\n\n\nREFERENCES:\n \n Complete CVSS v3 Guide: http://www.first.org/cvss/user-guide\n On-line Calculator v3:\n http://www.first.org/cvss/calculator/3.0\n\n\nRELATED INFORMATION:\n\n IBM Secure Engineering Web Portal\n http://www.ibm.com/security/secure-engineering/bulletins.html\n\n IBM Product Security Incident Response Blog\n https://www.ibm.com/blogs/psirt/\n\n Security Bulletin: Vulnerability in NTP affects AIX (CVE-2019-8936)\n https://www-01.ibm.com/support/docview.wss?uid=ibm10961772\n\nACKNOWLEDGEMENTS:\n\n None.\n\n\nCHANGE HISTORY:\n\n First Issued: Mon Aug 19 16:44:22 CDT 2019\n\n\n===============================================================================\n\n*The CVSS Environment Score is customer environment specific and will \nultimately impact the Overall CVSS Score. Customers can evaluate the impact \nof this vulnerability in their environments by accessing the links in the \nReference section of this Security Bulletin. \n\nDisclaimer\nAccording to the Forum of Incident Response and Security Teams (FIRST), the \nCommon Vulnerability Scoring System (CVSS) is an \"industry open standard \ndesigned to convey vulnerability severity and help to determine urgency and \npriority of response.\" IBM PROVIDES THE CVSS SCORES \"AS IS\" WITHOUT WARRANTY \nOF ANY KIND, INCLUDING THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS \nFOR A PARTICULAR PURPOSE. CUSTOMERS ARE RESPONSIBLE FOR ASSESSING THE IMPACT \nOF ANY ACTUAL OR POTENTIAL SECURITY VULNERABILITY.\n\n\n", "edition": 10, "modified": "2019-08-19T16:44:22", "published": "2019-08-19T16:44:22", "id": "NTP_ADVISORY12.ASC", "href": "https://aix.software.ibm.com/aix/efixes/security/ntp_advisory12.asc", "title": "There are vulnerabilities in NTPv4 that affect AIX.,Vulnerabilities in NTP affect AIX,Vulnerabilities in NTP affect VIOS", "type": "aix", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "ubuntu": [{"lastseen": "2020-10-02T03:05:49", "bulletinFamily": "unix", "cvelist": ["CVE-2019-8936", "CVE-2018-7182"], "description": "It was discovered that the fix for CVE-2018-7182 introduced a NULL pointer \ndereference into NTP. An attacker could use this vulnerability to cause a \ndenial of service (crash).", "edition": 1, "modified": "2020-10-01T00:00:00", "published": "2020-10-01T00:00:00", "id": "USN-4563-1", "href": "https://ubuntu.com/security/notices/USN-4563-1", "title": "NTP vulnerability", "type": "ubuntu", "cvss": {"score": 5.0, "vector": "AV:N/AC:L/Au:N/C:N/I:N/A:P"}}], "gentoo": [{"lastseen": "2019-03-19T08:01:20", "bulletinFamily": "unix", "cvelist": ["CVE-2019-8936", "CVE-2018-12327"], "description": "### Background\n\nNTP contains software for the Network Time Protocol.\n\n### Description\n\nMultiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced below for details. \n\n### Impact\n\nAn attacker could cause a Denial of Service condition, escalate privileges, or remotely execute arbitrary code. \n\n### Workaround\n\nThere is no known workaround at this time.\n\n### Resolution\n\nAll NTP users should upgrade to the latest version:\n \n \n # emerge --sync\n # emerge --ask --oneshot --verbose \">=net-misc/ntp-4.2.8_p13\"", "edition": 1, "modified": "2019-03-19T00:00:00", "published": "2019-03-19T00:00:00", "id": "GLSA-201903-15", "href": "https://security.gentoo.org/glsa/201903-15", "title": "NTP: Multiple vulnerabilities", "type": "gentoo", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}]}