Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
nessusUbuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.UBUNTU_USN-777-1.NASL
HistoryMay 20, 2009 - 12:00 a.m.

Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : ntp vulnerabilities (USN-777-1)

2009-05-2000:00:00
Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.
www.tenable.com
21
JSON

A stack-based buffer overflow was discovered in ntpq. If a user were tricked into connecting to a malicious ntp server, a remote attacker could cause a denial of service in ntpq, or possibly execute arbitrary code with the privileges of the user invoking the program.
(CVE-2009-0159)

Chris Ries discovered a stack-based overflow in ntp. If ntp was configured to use autokey, a remote attacker could send a crafted packet to cause a denial of service, or possibly execute arbitrary code. (CVE-2009-1252).

Note that Tenable Network Security has extracted the preceding description block directly from the Ubuntu security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.

#%NASL_MIN_LEVEL 70300
#
# (C) Tenable Network Security, Inc.
#
# The descriptive text and package checks in this plugin were
# extracted from Ubuntu Security Notice USN-777-1. The text 
# itself is copyright (C) Canonical, Inc. See 
# <http://www.ubuntu.com/usn/>. Ubuntu(R) is a registered 
# trademark of Canonical, Inc.
#

include('deprecated_nasl_level.inc');
include('compat.inc');

if (description)
{
  script_id(38848);
  script_version("1.13");
  script_set_attribute(attribute:"plugin_modification_date", value:"2021/01/19");

  script_cve_id("CVE-2009-0159", "CVE-2009-1252");
  script_bugtraq_id(35017);
  script_xref(name:"USN", value:"777-1");

  script_name(english:"Ubuntu 6.06 LTS / 8.04 LTS / 8.10 / 9.04 : ntp vulnerabilities (USN-777-1)");
  script_summary(english:"Checks dpkg output for updated packages.");

  script_set_attribute(
    attribute:"synopsis", 
    value:
"The remote Ubuntu host is missing one or more security-related
patches."
  );
  script_set_attribute(
    attribute:"description", 
    value:
"A stack-based buffer overflow was discovered in ntpq. If a user were
tricked into connecting to a malicious ntp server, a remote attacker
could cause a denial of service in ntpq, or possibly execute arbitrary
code with the privileges of the user invoking the program.
(CVE-2009-0159)

Chris Ries discovered a stack-based overflow in ntp. If ntp was
configured to use autokey, a remote attacker could send a crafted
packet to cause a denial of service, or possibly execute arbitrary
code. (CVE-2009-1252).

Note that Tenable Network Security has extracted the preceding
description block directly from the Ubuntu security advisory. Tenable
has attempted to automatically clean and format it as much as possible
without introducing additional issues."
  );
  script_set_attribute(
    attribute:"see_also",
    value:"https://usn.ubuntu.com/777-1/"
  );
  script_set_attribute(attribute:"solution", value:"Update the affected packages.");
  script_set_cvss_base_vector("CVSS2#AV:N/AC:M/Au:N/C:P/I:P/A:P");
  script_set_cvss_temporal_vector("CVSS2#E:U/RL:OF/RC:C");
  script_set_attribute(attribute:"exploitability_ease", value:"No known exploits are available");
  script_set_attribute(attribute:"exploit_available", value:"false");
  script_cwe_id(119);

  script_set_attribute(attribute:"plugin_type", value:"local");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ntp");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ntp-doc");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ntp-refclock");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ntp-server");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ntp-simple");
  script_set_attribute(attribute:"cpe", value:"p-cpe:/a:canonical:ubuntu_linux:ntpdate");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:6.06:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.04:-:lts");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:8.10");
  script_set_attribute(attribute:"cpe", value:"cpe:/o:canonical:ubuntu_linux:9.04");

  script_set_attribute(attribute:"patch_publication_date", value:"2009/05/19");
  script_set_attribute(attribute:"plugin_publication_date", value:"2009/05/20");
  script_end_attributes();

  script_category(ACT_GATHER_INFO);
  script_copyright(english:"Ubuntu Security Notice (C) 2009-2019 Canonical, Inc. / NASL script (C) 2009-2018 and is owned by Tenable, Inc. or an Affiliate thereof.");
  script_family(english:"Ubuntu Local Security Checks");

  script_dependencies("ssh_get_info.nasl");
  script_require_keys("Host/cpu", "Host/Ubuntu", "Host/Ubuntu/release", "Host/Debian/dpkg-l");

  exit(0);
}


include("audit.inc");
include("ubuntu.inc");
include("misc_func.inc");

if ( ! get_kb_item("Host/local_checks_enabled") ) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);
release = get_kb_item("Host/Ubuntu/release");
if ( isnull(release) ) audit(AUDIT_OS_NOT, "Ubuntu");
release = chomp(release);
if (! ereg(pattern:"^(6\.06|8\.04|8\.10|9\.04)$", string:release)) audit(AUDIT_OS_NOT, "Ubuntu 6.06 / 8.04 / 8.10 / 9.04", "Ubuntu " + release);
if ( ! get_kb_item("Host/Debian/dpkg-l") ) audit(AUDIT_PACKAGE_LIST_MISSING);

cpu = get_kb_item("Host/cpu");
if (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);
if ("x86_64" >!< cpu && cpu !~ "^i[3-6]86$") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, "Ubuntu", cpu);

flag = 0;

if (ubuntu_check(osver:"6.06", pkgname:"ntp", pkgver:"1:4.2.0a+stable-8.1ubuntu6.2")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"ntp-doc", pkgver:"4.2.0a+stable-8.1ubuntu6.2")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"ntp-refclock", pkgver:"4.2.0a+stable-8.1ubuntu6.2")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"ntp-server", pkgver:"1:4.2.0a+stable-8.1ubuntu6.2")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"ntp-simple", pkgver:"4.2.0a+stable-8.1ubuntu6.2")) flag++;
if (ubuntu_check(osver:"6.06", pkgname:"ntpdate", pkgver:"4.2.0a+stable-8.1ubuntu6.2")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"ntp", pkgver:"1:4.2.4p4+dfsg-3ubuntu2.2")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"ntp-doc", pkgver:"4.2.4p4+dfsg-3ubuntu2.2")) flag++;
if (ubuntu_check(osver:"8.04", pkgname:"ntpdate", pkgver:"4.2.4p4+dfsg-3ubuntu2.2")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"ntp", pkgver:"1:4.2.4p4+dfsg-6ubuntu2.3")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"ntp-doc", pkgver:"4.2.4p4+dfsg-6ubuntu2.3")) flag++;
if (ubuntu_check(osver:"8.10", pkgname:"ntpdate", pkgver:"4.2.4p4+dfsg-6ubuntu2.3")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"ntp", pkgver:"1:4.2.4p4+dfsg-7ubuntu5.1")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"ntp-doc", pkgver:"4.2.4p4+dfsg-7ubuntu5.1")) flag++;
if (ubuntu_check(osver:"9.04", pkgname:"ntpdate", pkgver:"4.2.4p4+dfsg-7ubuntu5.1")) flag++;

if (flag)
{
  security_report_v4(
    port       : 0,
    severity   : SECURITY_WARNING,
    extra      : ubuntu_report_get()
  );
  exit(0);
}
else
{
  tested = ubuntu_pkg_tests_get();
  if (tested) audit(AUDIT_PACKAGE_NOT_AFFECTED, tested);
  else audit(AUDIT_PACKAGE_NOT_INSTALLED, "ntp / ntp-doc / ntp-refclock / ntp-server / ntp-simple / ntpdate");
}
VendorProductVersionCPE
canonicalubuntu_linuxntpp-cpe:/a:canonical:ubuntu_linux:ntp
canonicalubuntu_linuxntp-docp-cpe:/a:canonical:ubuntu_linux:ntp-doc
canonicalubuntu_linuxntp-refclockp-cpe:/a:canonical:ubuntu_linux:ntp-refclock
canonicalubuntu_linuxntp-serverp-cpe:/a:canonical:ubuntu_linux:ntp-server
canonicalubuntu_linuxntp-simplep-cpe:/a:canonical:ubuntu_linux:ntp-simple
canonicalubuntu_linuxntpdatep-cpe:/a:canonical:ubuntu_linux:ntpdate
canonicalubuntu_linux6.06cpe:/o:canonical:ubuntu_linux:6.06:-:lts
canonicalubuntu_linux8.04cpe:/o:canonical:ubuntu_linux:8.04:-:lts
canonicalubuntu_linux8.10cpe:/o:canonical:ubuntu_linux:8.10
canonicalubuntu_linux9.04cpe:/o:canonical:ubuntu_linux:9.04

Related

openvas 68
nessus 40
debian 1
securityvulns 6
freebsd 1
redhat 3
gentoo 1
oraclelinux 3
slackware 1
centos 3
ubuntu 1
osv 1
fedora 5
seebug 2
cert 1
prion 2
f5 2
ubuntucve 2
debiancve 2
cve 2
freebsd_advisory 1
veracode 2
checkpoint_advisories 1
vmware 2
openvas
openvas
CentOS Security Advisory CESA-2009:1039 (ntp)
2009-05-25 00:00:00
Slackware Advisory SSA:2009-154-01 ntp
2012-09-11 00:00:00
SLES11: Security update for ntp
2009-10-11 00:00:00
nessus
nessus
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 8.1 / 9.0 / 9.1 / current : ntp (SSA:2009-154-01)
2009-06-04 00:00:00
Debian DSA-1801-1 : ntp - buffer overflows
2009-05-20 00:00:00
Mandriva Linux Security Advisory : ntp (MDVSA-2009:309)
2009-12-04 00:00:00
debian
debian
[SECURITY] [DSA 1801-1] New ntp packages fix several vulnerabilities
2009-05-19 13:55:33
securityvulns
securityvulns
[ GLSA 200905-08 ] NTP: Remote execution of arbitrary code
2009-05-26 00:00:00
ntpd buffer overflow
2009-05-26 00:00:00
ntp client buffer overflow
2009-04-14 00:00:00
freebsd
freebsd
ntp -- stack-based buffer overflow
2009-05-06 00:00:00
redhat
redhat
(RHSA-2009:1039) Important: ntp security update
2009-05-18 00:00:00
(RHSA-2009:1040) Critical: ntp security update
2009-05-18 00:00:00
(RHSA-2009:1651) Moderate: ntp security update
2009-12-08 00:00:00
gentoo
gentoo
NTP: Remote execution of arbitrary code
2009-05-26 00:00:00
oraclelinux
oraclelinux
ntp security update
2009-05-18 00:00:00
ntp security update
2009-05-22 00:00:00
ntp security update
2009-12-08 00:00:00
slackware
slackware
ntp
2009-06-03 20:44:43
centos
centos
ntp security update
2009-05-21 14:43:18
ntp security update
2009-05-19 15:07:14
ntp security update
2009-12-08 22:18:02
ubuntu
ubuntu
Ntp vulnerabilities
2009-05-19 00:00:00
osv
osv
ntp - several vulnerabilities
2009-05-19 00:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: ntp-4.2.4p7-1.fc10
2009-05-30 02:28:09
[SECURITY] Fedora 9 Update: ntp-4.2.4p7-1.fc9
2009-05-30 02:32:59
[SECURITY] Fedora 10 Update: ntp-4.2.4p7-2.fc10
2009-12-11 18:32:53
seebug
seebug
NTP 'ntpd' Autokey栈缓冲区溢出漏洞
2009-05-21 00:00:00
NTP ntpq命令远程栈溢出溢出漏洞
2009-04-13 00:00:00
cert
cert
ntpd autokey stack buffer overflow
2009-05-18 00:00:00
prion
prion
Stack overflow
2009-05-19 19:30:00
Stack overflow
2009-04-14 15:30:00
f5
f5
SOL15928 - Network Time Protocol vulnerability CVE-2009-1252
2014-12-23 00:00:00
K15928 : Network Time Protocol vulnerability CVE-2009-1252
2014-12-23 00:00:00
ubuntucve
ubuntucve
CVE-2009-1252
2009-05-19 00:00:00
CVE-2009-0159
2009-04-14 00:00:00
debiancve
debiancve
CVE-2009-1252
2009-05-19 19:30:00
CVE-2009-0159
2009-04-14 15:30:00
cve
cve
CVE-2009-1252
2009-05-19 19:30:00
CVE-2009-0159
2009-04-14 15:30:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-09:11.ntpd
2009-06-10 00:00:00
veracode
veracode
Arbitrary Code Execution
2020-04-10 00:32:10
Stack-based Buffer Overflow
2020-04-10 00:32:10
checkpoint_advisories
checkpoint_advisories
NTP Daemon Autokey Stack Buffer Overflow (CVE-2009-1252)
2009-05-25 00:00:00
vmware
vmware
VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.
2009-11-20 00:00:00
VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components
2009-11-20 00:00:00
JSON
Related for UBUNTU_USN-777-1.NASL
openvas68nessus40debian1securityvulns6freebsd1redhat3gentoo1oraclelinux3slackware1centos3ubuntu1osv1fedora5seebug2cert1prion2f52ubuntucve2debiancve2cve2freebsd_advisory1veracode2checkpoint_advisories1vmware2