Alerts This Week
Warning Icon 1 1,154
Alerts This Week
Warning Icon 1 1,154

Ubuntu 12.04 ESM: USN-3707-2 Moderate: NTP Service Denial of Service

ubuntu
Calendar Grey January 23, 2019
Dist Ubuntu Esm H88
=========================================================================Ubuntu Security Notice USN-
Several security issues were fixed in NTP.

Summary

Several security issues were fixed in NTP.

Software Description:

- ntp: Network Time Protocol daemon and utility programs

Details:

USN-3707-1 and USN-3349-1 fixed several vulnerabilities in NTP. This

update provides the corresponding update for Ubuntu 12.04 ESM.

Original advisory details:

 Miroslav Lichvar discovered that NTP incorrectly handled certain

 spoofed addresses when performing rate limiting. A remote attacker

 could possibly use this issue to perform a denial of service.

 (CVE-2016-7426)

 Matthew Van Gundy discovered that NTP incorrectly handled certain

 crafted broadcast mode packets. A remote attacker could possibly use

 this issue to perform a denial of service. 

 (CVE-2016-7427, CVE-2016-7428)

 Matthew Van Gundy discovered that NTP incorrectly handled certain

 control mode packets. A remote attacker could use this issue to set or

 unset traps. (CVE-2016-9310)

 Matthew Van Gundy discovered that NTP incorrectly handled th...

Read the Full Advisory

Update Instructions

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 12.04 ESM:
  ntp                             1:4.2.6.p3+dfsg-1ubuntu3.12

In general, a standard system update will make all the necessary
changes.

References

  https://ubuntu.com/security/notices/USN-3707-2

  https://ubuntu.com/security/notices/USN-3707-1

  CVE-2016-7426, CVE-2016-7427, CVE-2016-7428, CVE-2016-9310,

  CVE-2016-9311, CVE-2017-6462, CVE-2017-6463, CVE-2018-7183,

  CVE-2018-7185

January 23, 2019

Package Information

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Your message here