Ubuntu 867-1: Ntp vulnerability

    Date08 Dec 2009
    CategoryUbuntu
    55
    Posted ByLinuxSecurity Advisories
    Robin Park and Dmitri Vinokurov discovered a logic error in ntpd. A remoteattacker could send a crafted NTP mode 7 packet with a spoofed IP addressof an affected server and cause a denial of service via CPU and diskresource consumption. [More...]
    ===========================================================
    Ubuntu Security Notice USN-867-1          December 08, 2009
    ntp vulnerability
    CVE-2009-3563
    ===========================================================
    
    A security issue affects the following Ubuntu releases:
    
    Ubuntu 6.06 LTS
    Ubuntu 8.04 LTS
    Ubuntu 8.10
    Ubuntu 9.04
    Ubuntu 9.10
    
    This advisory also applies to the corresponding versions of
    Kubuntu, Edubuntu, and Xubuntu.
    
    The problem can be corrected by upgrading your system to the
    following package versions:
    
    Ubuntu 6.06 LTS:
      ntp                             1:4.2.0a+stable-8.1ubuntu6.3
      ntp-server                      1:4.2.0a+stable-8.1ubuntu6.3
    
    Ubuntu 8.04 LTS:
      ntp                             1:4.2.4p4+dfsg-3ubuntu2.3
    
    Ubuntu 8.10:
      ntp                             1:4.2.4p4+dfsg-6ubuntu2.4
    
    Ubuntu 9.04:
      ntp                             1:4.2.4p4+dfsg-7ubuntu5.2
    
    Ubuntu 9.10:
      ntp                             1:4.2.4p6+dfsg-1ubuntu5.1
    
    In general, a standard system upgrade is sufficient to effect the
    necessary changes.
    
    Details follow:
    
    Robin Park and Dmitri Vinokurov discovered a logic error in ntpd. A remote
    attacker could send a crafted NTP mode 7 packet with a spoofed IP address
    of an affected server and cause a denial of service via CPU and disk
    resource consumption.
    
    
    Updated packages for Ubuntu 6.06 LTS:
    
      Source archives:
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.0a+stable-8.1ubuntu6.3.diff.gz
          Size/MD5:   262833 1fdb567debfe1ce10ffc44ec492d4aa5
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.0a+stable-8.1ubuntu6.3.dsc
          Size/MD5:      872 a6f59fefbf4050684aa38de8b24c54b3
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.0a+stable.orig.tar.gz
          Size/MD5:  2272395 30f8b3d5b970c14dce5c6d8c922afa3e
    
      Architecture independent packages:
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp-doc_4.2.0a+stable-8.1ubuntu6.3_all.deb
          Size/MD5:   891204 35969710cca05eabef8399e53de0bdb5
    
      amd64 architecture (Athlon64, Opteron, EM64T Xeon):
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp-server_4.2.0a+stable-8.1ubuntu6.3_amd64.deb
          Size/MD5:    35022 cf299ac36cb52399b7b80a7aa6b00c77
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp-simple_4.2.0a+stable-8.1ubuntu6.3_amd64.deb
          Size/MD5:   136402 14d2d9f6ec9a8f4edb2d674538b642a8
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.0a+stable-8.1ubuntu6.3_amd64.deb
          Size/MD5:   270524 05dfaa4fdf895ebfdf61ee43d97ef9c6
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntpdate_4.2.0a+stable-8.1ubuntu6.3_amd64.deb
          Size/MD5:    47932 ee2a72cdc8d20e545443bbcf086c6f82
        http://security.ubuntu.com/ubuntu/pool/universe/n/ntp/ntp-refclock_4.2.0a+stable-8.1ubuntu6.3_amd64.deb
          Size/MD5:   224268 d9daac981b2dd6d16d69d4bfc0f1d4bf
    
      i386 architecture (x86 compatible Intel/AMD):
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp-server_4.2.0a+stable-8.1ubuntu6.3_i386.deb
          Size/MD5:    33926 4a79ecdb4d1fa3d407fca23c00292a9d
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp-simple_4.2.0a+stable-8.1ubuntu6.3_i386.deb
          Size/MD5:   121710 77db2cb6c9daa84d6174fbe277a96c44
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.0a+stable-8.1ubuntu6.3_i386.deb
          Size/MD5:   256764 7aeb8e664a3ff16608fc880a108a8645
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntpdate_4.2.0a+stable-8.1ubuntu6.3_i386.deb
          Size/MD5:    44598 1e3067b9f7fee43a3f0b18ec9d4b356b
        http://security.ubuntu.com/ubuntu/pool/universe/n/ntp/ntp-refclock_4.2.0a+stable-8.1ubuntu6.3_i386.deb
          Size/MD5:   198516 a0066ee286571189f7f6099bd8a2c220
    
      powerpc architecture (Apple Macintosh G3/G4/G5):
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp-server_4.2.0a+stable-8.1ubuntu6.3_powerpc.deb
          Size/MD5:    37162 3b19f883b00809d36ae9bd79114955c1
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp-simple_4.2.0a+stable-8.1ubuntu6.3_powerpc.deb
          Size/MD5:   135184 d1419b2d9aff1392c78bab2911114c2a
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.0a+stable-8.1ubuntu6.3_powerpc.deb
          Size/MD5:   271468 856ffca2e1d79bfd730aec3bcc1ce497
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntpdate_4.2.0a+stable-8.1ubuntu6.3_powerpc.deb
          Size/MD5:    49266 2cee0d14d9d1deafb78b26041d1ed05a
        http://security.ubuntu.com/ubuntu/pool/universe/n/ntp/ntp-refclock_4.2.0a+stable-8.1ubuntu6.3_powerpc.deb
          Size/MD5:   222168 42ef5dfaddb9e1fe9b9933119cdbe9ab
    
      sparc architecture (Sun SPARC/UltraSPARC):
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp-server_4.2.0a+stable-8.1ubuntu6.3_sparc.deb
          Size/MD5:    34428 09539a35a435d11f12ed9f5bd9534771
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp-simple_4.2.0a+stable-8.1ubuntu6.3_sparc.deb
          Size/MD5:   126814 8e2066b695d32e08355bfdc0f571c705
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.0a+stable-8.1ubuntu6.3_sparc.deb
          Size/MD5:   261652 1e4142216eb7ff527ce1f59b2ad2d0af
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntpdate_4.2.0a+stable-8.1ubuntu6.3_sparc.deb
          Size/MD5:    46790 7d456f67bea9e6c3f2452a5d6a847f67
        http://security.ubuntu.com/ubuntu/pool/universe/n/ntp/ntp-refclock_4.2.0a+stable-8.1ubuntu6.3_sparc.deb
          Size/MD5:   207566 433dca719ea61cca73b993a530299fae
    
    Updated packages for Ubuntu 8.04 LTS:
    
      Source archives:
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p4+dfsg-3ubuntu2.3.diff.gz
          Size/MD5:   287172 dfb60aa2cd60f61907856f5b50c8fc46
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p4+dfsg-3ubuntu2.3.dsc
          Size/MD5:     1046 251a7ead6fcf835535176b89ed7cc3d4
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p4+dfsg.orig.tar.gz
          Size/MD5:  2835029 dc2b3ac9cc04b0f29df35467514c9884
    
      Architecture independent packages:
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp-doc_4.2.4p4+dfsg-3ubuntu2.3_all.deb
          Size/MD5:   928116 28eb96c89717c9fdfe39b3f140428484
    
      amd64 architecture (Athlon64, Opteron, EM64T Xeon):
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p4+dfsg-3ubuntu2.3_amd64.deb
          Size/MD5:   477388 bc91b335e5963954d4284d0b57b37c40
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-3ubuntu2.3_amd64.deb
          Size/MD5:    65194 185195f8e2df78f7dfbba5b88be482ce
    
      i386 architecture (x86 compatible Intel/AMD):
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p4+dfsg-3ubuntu2.3_i386.deb
          Size/MD5:   432592 0ec673d7b4507cb992091a7b63007826
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-3ubuntu2.3_i386.deb
          Size/MD5:    61224 fbf4533c390ea05b7149e370815983e1
    
      lpia architecture (Low Power Intel Architecture):
    
        http://ports.ubuntu.com/pool/main/n/ntp/ntp_4.2.4p4+dfsg-3ubuntu2.3_lpia.deb
          Size/MD5:   435450 1be0d440cf6bcf5048139c856b85106b
        http://ports.ubuntu.com/pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-3ubuntu2.3_lpia.deb
          Size/MD5:    61184 a1b2a4c34beee7210e322b2f05d94095
    
      powerpc architecture (Apple Macintosh G3/G4/G5):
    
        http://ports.ubuntu.com/pool/main/n/ntp/ntp_4.2.4p4+dfsg-3ubuntu2.3_powerpc.deb
          Size/MD5:   490538 e6adb5a7bde67fc04b543664e6ef748f
        http://ports.ubuntu.com/pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-3ubuntu2.3_powerpc.deb
          Size/MD5:    66780 35b709a20016e07b383362610ae2b45a
    
      sparc architecture (Sun SPARC/UltraSPARC):
    
        http://ports.ubuntu.com/pool/main/n/ntp/ntp_4.2.4p4+dfsg-3ubuntu2.3_sparc.deb
          Size/MD5:   442346 212fc209067ce419756fa2d6f486fd33
        http://ports.ubuntu.com/pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-3ubuntu2.3_sparc.deb
          Size/MD5:    61964 7937872f5231323d82c98f0ace751a79
    
    Updated packages for Ubuntu 8.10:
    
      Source archives:
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p4+dfsg-6ubuntu2.4.diff.gz
          Size/MD5:   305723 ea6556c8f4053f2abd79e4cf96633a65
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p4+dfsg-6ubuntu2.4.dsc
          Size/MD5:     1555 fa669b54aac2751215e1fbac226bf51e
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p4+dfsg.orig.tar.gz
          Size/MD5:  2835029 dc2b3ac9cc04b0f29df35467514c9884
    
      Architecture independent packages:
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp-doc_4.2.4p4+dfsg-6ubuntu2.4_all.deb
          Size/MD5:   928754 eaa802a30b795ce27417c0f8fd612564
    
      amd64 architecture (Athlon64, Opteron, EM64T Xeon):
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p4+dfsg-6ubuntu2.4_amd64.deb
          Size/MD5:   487270 83aef0ae73d841ca98c1aff95b68b974
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-6ubuntu2.4_amd64.deb
          Size/MD5:    66118 b1d338d727c1fbb479a0298e67cf920c
    
      i386 architecture (x86 compatible Intel/AMD):
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p4+dfsg-6ubuntu2.4_i386.deb
          Size/MD5:   442316 9441f50fefcd831651417c8e66353769
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-6ubuntu2.4_i386.deb
          Size/MD5:    62320 67f26e8efd2233911b3ee5d5c779da52
    
      lpia architecture (Low Power Intel Architecture):
    
        http://ports.ubuntu.com/pool/main/n/ntp/ntp_4.2.4p4+dfsg-6ubuntu2.4_lpia.deb
          Size/MD5:   441714 cc6ffa5cf9f82b707ebf77291c0c7c2b
        http://ports.ubuntu.com/pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-6ubuntu2.4_lpia.deb
          Size/MD5:    62086 d4c4d6efa2ae6c85b400d73bd39cac8d
    
      powerpc architecture (Apple Macintosh G3/G4/G5):
    
        http://ports.ubuntu.com/pool/main/n/ntp/ntp_4.2.4p4+dfsg-6ubuntu2.4_powerpc.deb
          Size/MD5:   491332 f4016ec402c0665df5241555af9a04ed
        http://ports.ubuntu.com/pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-6ubuntu2.4_powerpc.deb
          Size/MD5:    67198 47c3dd10eae821a9d1abcf77a85d6651
    
      sparc architecture (Sun SPARC/UltraSPARC):
    
        http://ports.ubuntu.com/pool/main/n/ntp/ntp_4.2.4p4+dfsg-6ubuntu2.4_sparc.deb
          Size/MD5:   449572 4a168bf44988c1da63a39bd14b17b682
        http://ports.ubuntu.com/pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-6ubuntu2.4_sparc.deb
          Size/MD5:    62834 0ae1f43f7f327de4ab787c911f0fd1ca
    
    Updated packages for Ubuntu 9.04:
    
      Source archives:
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p4+dfsg-7ubuntu5.2.diff.gz
          Size/MD5:   306032 90b99d80d9e52e4db7e30b96002834b4
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p4+dfsg-7ubuntu5.2.dsc
          Size/MD5:     1556 b6f57df7732c6fd3a29de6d4c65c421d
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p4+dfsg.orig.tar.gz
          Size/MD5:  2835029 dc2b3ac9cc04b0f29df35467514c9884
    
      Architecture independent packages:
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp-doc_4.2.4p4+dfsg-7ubuntu5.2_all.deb
          Size/MD5:   929066 4230567b7ef012596cd5e291df13df76
    
      amd64 architecture (Athlon64, Opteron, EM64T Xeon):
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p4+dfsg-7ubuntu5.2_amd64.deb
          Size/MD5:   487628 3789b894fe98014ed8b62fc910088d2a
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-7ubuntu5.2_amd64.deb
          Size/MD5:    66442 b43e6e46f0c035961fa2e382bd883fe2
    
      i386 architecture (x86 compatible Intel/AMD):
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p4+dfsg-7ubuntu5.2_i386.deb
          Size/MD5:   442634 efaf8cc0f84114fe6d426827f22e3db4
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-7ubuntu5.2_i386.deb
          Size/MD5:    62642 7c9ce030867f9809b49634bdcc2a57a3
    
      lpia architecture (Low Power Intel Architecture):
    
        http://ports.ubuntu.com/pool/main/n/ntp/ntp_4.2.4p4+dfsg-7ubuntu5.2_lpia.deb
          Size/MD5:   442086 4dd3ea7d09c746a592b0b622f4fcb753
        http://ports.ubuntu.com/pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-7ubuntu5.2_lpia.deb
          Size/MD5:    62410 77fa9c143489ea55da37adcd9f268e6b
    
      powerpc architecture (Apple Macintosh G3/G4/G5):
    
        http://ports.ubuntu.com/pool/main/n/ntp/ntp_4.2.4p4+dfsg-7ubuntu5.2_powerpc.deb
          Size/MD5:   491526 d04d12ed5ebc7968a90894d92ca094c6
        http://ports.ubuntu.com/pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-7ubuntu5.2_powerpc.deb
          Size/MD5:    67530 55cffc037f6a88b24abd399925e700c3
    
      sparc architecture (Sun SPARC/UltraSPARC):
    
        http://ports.ubuntu.com/pool/main/n/ntp/ntp_4.2.4p4+dfsg-7ubuntu5.2_sparc.deb
          Size/MD5:   449666 7dbdc0aa05e90a9363dfcae003c3e531
        http://ports.ubuntu.com/pool/main/n/ntp/ntpdate_4.2.4p4+dfsg-7ubuntu5.2_sparc.deb
          Size/MD5:    63156 4647b041df35cabb86fb0789e3a083ce
    
    Updated packages for Ubuntu 9.10:
    
      Source archives:
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p6+dfsg-1ubuntu5.1.diff.gz
          Size/MD5:   344395 26dd6961151053346b36474a18d6412f
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p6+dfsg-1ubuntu5.1.dsc
          Size/MD5:     1575 c86cc4fe026ee6830d6564cabeaedc61
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p6+dfsg.orig.tar.gz
          Size/MD5:  2836728 bddc66cdc7c35c0cb22cc84cad770c65
    
      Architecture independent packages:
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp-doc_4.2.4p6+dfsg-1ubuntu5.1_all.deb
          Size/MD5:   931324 bcc11545b9399ca7e09268a85fd6eabf
    
      amd64 architecture (Athlon64, Opteron, EM64T Xeon):
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p6+dfsg-1ubuntu5.1_amd64.deb
          Size/MD5:   529994 c766915925a1cccbd27332232a45e016
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntpdate_4.2.4p6+dfsg-1ubuntu5.1_amd64.deb
          Size/MD5:    70098 968cdde0e47a775cf13b922c7f2308f5
    
      i386 architecture (x86 compatible Intel/AMD):
    
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntp_4.2.4p6+dfsg-1ubuntu5.1_i386.deb
          Size/MD5:   490892 83e3785020b3cb659b6559cb51632333
        http://security.ubuntu.com/ubuntu/pool/main/n/ntp/ntpdate_4.2.4p6+dfsg-1ubuntu5.1_i386.deb
          Size/MD5:    66770 34bd54ff829c032049dc8d7340984b4c
    
      lpia architecture (Low Power Intel Architecture):
    
        http://ports.ubuntu.com/pool/main/n/ntp/ntp_4.2.4p6+dfsg-1ubuntu5.1_lpia.deb
          Size/MD5:   487552 f7ad919e64533aed59112c2fe5c49fd9
        http://ports.ubuntu.com/pool/main/n/ntp/ntpdate_4.2.4p6+dfsg-1ubuntu5.1_lpia.deb
          Size/MD5:    66316 4a2cd9cdf5cfa46ad3784c37f7c29502
    
      powerpc architecture (Apple Macintosh G3/G4/G5):
    
        http://ports.ubuntu.com/pool/main/n/ntp/ntp_4.2.4p6+dfsg-1ubuntu5.1_powerpc.deb
          Size/MD5:   528880 401e4a455acdf2a14c5f556e8cae1911
        http://ports.ubuntu.com/pool/main/n/ntp/ntpdate_4.2.4p6+dfsg-1ubuntu5.1_powerpc.deb
          Size/MD5:    69390 9e0e3535fbe3ffe61be245ddd22e5d6c
    
      sparc architecture (Sun SPARC/UltraSPARC):
    
        http://ports.ubuntu.com/pool/main/n/ntp/ntp_4.2.4p6+dfsg-1ubuntu5.1_sparc.deb
          Size/MD5:   499646 6059b8a5f9f216b8de00eed901af902e
        http://ports.ubuntu.com/pool/main/n/ntp/ntpdate_4.2.4p6+dfsg-1ubuntu5.1_sparc.deb
          Size/MD5:    67272 8d04c1e93ca4acd7a4eaac04008326b3
    
    You are not authorised to post comments.

    Comments powered by CComment

    LinuxSecurity Poll

    What do you think of the articles on LinuxSecurity?

    No answer selected. Please try again.
    Please select either existing option or enter your own, however not both.
    Please select minimum 0 answer(s) and maximum 3 answer(s).
    /main-polls/24-what-do-you-think-of-the-quality-of-the-articles-on-linuxsecurity?task=poll.vote&format=json
    24
    radio
    [{"id":"87","title":"Excellent, don't change a thing!","votes":"64","type":"x","order":"1","pct":57.14,"resources":[]},{"id":"88","title":"Should be more technical","votes":"15","type":"x","order":"2","pct":13.39,"resources":[]},{"id":"89","title":"Should include more HOWTOs","votes":"33","type":"x","order":"3","pct":29.46,"resources":[]}]["#ff5b00","#4ac0f2","#b80028","#eef66c","#60bb22","#b96a9a","#62c2cc"]["rgba(255,91,0,0.7)","rgba(74,192,242,0.7)","rgba(184,0,40,0.7)","rgba(238,246,108,0.7)","rgba(96,187,34,0.7)","rgba(185,106,154,0.7)","rgba(98,194,204,0.7)"]350
    bottom200

    We use cookies to provide and improve our services. By using our site, you consent to our Cookie Policy.