Explore Latest Linux Security advisories

Arch Linux: ASA-201810-2 Medium: NTP Arbitrary Code Execution

Arch Linux Security Advisory ASA-201810-2
========================================

Severity: Medium
Date    : 2018-10-01
CVE-ID  : CVE-2018-12327
Package : ntp
Type    : arbitrary code execution
Remote  : No
Link    : https://security.archlinux.org/AVG-723

Summary
=======

The package ntp before version 4.2.8.p12-1 is vulnerable to arbitrary code execution.

Resolution
==========

Upgrade to 4.2.8.p12-1.

# pacman -Syu "ntp>=4.2.8.p12-1"

The problem has been fixed upstream in version 4.2.8.p12.

Workaround
==========

None.

Description
===========

Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter.

Impact
======

A local attacker is able to execute arbitrary code via specially crafted command line options.

References
==========

https://gist.github.com/fakhrizulkifli/9b58ed8e0354e8deee50b0eebd1c011f
https://security.archlinux.org/CVE-2018-12327

Oct 01, 2018 | Medium | Arch Linux | LinuxSecurity.com Team

Arch Linux: 201606-4 High Severity: Ntp DDoS Amplification Risk

Arch Linux Security Advisory ASA-201606-4
========================================

Severity: High
Date    : 2016-06-04
CVE-ID  : CVE-2016-4953 CVE-2016-4954 CVE-2016-4955 CVE-2016-4956 CVE-2016-4957
Package : ntp
Type    : distributed denial of service amplification
Remote  : Yes
Link    : https://wiki.archlinux.org/title/CVE

Summary
=======

The package ntp before version 4.2.8.p8-1 can be used to amplify distributed denial of service (DDoS) attacks.

Resolution
==========

Upgrade to 4.2.8.p8-1.

# pacman -Syu "ntp>=4.2.8.p8-1"

The problem has been fixed upstream in version 4.2.8.p8.

Workaround
==========

Implement ingress and egress filtering through BCP38.

Description
===========

- CVE-2016-4953 (distributed denial of service amplification)

An attacker who knows the origin timestamp and can send a spoofed packet containing a CRYPTO-NAK to an ephemeral peer target before any other response is sent can demobilize that association.

Credit to Miroslav Lichvar of Red Hat

- CVE-2016-4954 (distributed denial of service amplification)

An attacker who is able to spoof packets with correct origin timestamps from enough servers before the expected response packets arrive at the target machine can affect some peer variables and, for example, cause a false leap indication to be set.

Credit to Jakub Prokes of Red Hat

- CVE-2016-4955 (distributed denial of service amplification)

An attacker who is able to spoof a packet with a correct origin timestamp before the expected response packet arrives at the target machine can send a CRYPTO_NAK or a bad MAC and cause the association's peer variables to be cleared. If this can be done often enough, it will prevent that association from working.

Credit to Miroslav Lichvar of Red Hat

- CVE-2016-4956 (distributed denial of service amplification)

The fix for NtpBug2978 does not cover broadcast associations, so broadcast clients can be triggered to flip into interleave mode.

Credit to Miroslav Lichvar of Red Hat

- CVE-2016-4957 (distributed denial of service amplification)

The fix for Sec 3007 in ntp-4.2.8p7 contained a bug that could cause ntpd to crash.

Credit to Nicolas Edet of Cisco

Impact
======

A remote attacker can utilize unpatched or improperly filtered NTP servers as participants in distributed denial of service attacks (DDoS).

References
==========

http://www.ntp.org/support/securitynotice/ntpbug3042/
https://access.redhat.com/security/cve/cve-2016-4956
http://www.ntp.org/support/securitynotice/ntpbug3043/
https://access.redhat.com/security/cve/cve-2016-4955
http://www.ntp.org/support/securitynotice/ntpbug3044/
https://access.redhat.com/security/cve/cve-2016-4954
http://www.ntp.org/support/securitynotice/ntpbug3045/
https://access.redhat.com/security/cve/cve-2016-4953
http://www.ntp.org/support/securitynotice/ntpbug3046/
https://access.redhat.com/security/cve/cve-2016-4957

Jun 04, 2016 | High | Arch Linux | LinuxSecurity.com Team

Slackware 14.1: 2015-188-04 Moderate: NTP Remote Configuration Issue

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] ntp (SSA:2015-188-03)

New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix a security issue.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/ntp-4.2.8p3-i486-1_slack14.1.txz: Upgraded.
  This update fixes a security issue where under specific circumstances an attacker can send a crafted packet to cause a vulnerable ntpd instance to crash. Since this requires 1) ntpd set up to allow remote configuration (not allowed by default), and 2) knowledge of the configuration password, and 3) access to a computer entrusted to perform remote configuration, the vulnerability is considered low-risk.
  For more information, see:
    https://www.cve.org/CVERecord?id=CVE-2015-5146
  (* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.

Updated packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current, each for i486 and x86_64 (ntp-4.2.8p3).

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg ntp-4.2.8p3-i486-1_slack14.1.txz

Then, restart the NTP daemon:
# sh /etc/rc.d/rc.ntpd restart

+-----+

Jul 08, 2015 | Slackware | LinuxSecurity.com Team

Arch Linux: ASA-201507-6 Low Severity: NTP Buffer Overflow

Arch Linux Security Advisory ASA-201507-5
========================================

Severity: Low
Date    : 2015-07-07
CVE-ID  : CVE-2015-5146
Package : ntp
Type    : denial of service
Remote  : Yes
Link    : https://wiki.archlinux.org/title/CVE

Summary
=======

The package ntp before version 4.2.8.p3-1 is vulnerable to denial of service.

Resolution
==========

Upgrade to 4.2.8.p3-1.

# pacman -Syu "ntp>=4.2.8.p3-1"

The problem has been fixed upstream in version 4.2.8.p3.

Workaround
==========

Configure ntpd to not allow remote configuration (default setting).

Description
===========

Under limited and specific circumstances an attacker can send a crafted remote-configuration packet containing a NUL-byte to cause a vulnerable ntpd instance to crash. This requires each of the following to be true:

- ntpd set up to allow for remote configuration (not allowed by default)
- knowledge of the configuration password
- access to a computer entrusted to perform remote configuration

Impact
======

A remote attacker is able to send a specially crafted remote-configuration packet that is leading to an application crash resulting in denial of service.

References
==========

http://www.ntp.org/support/securitynotice/
https://access.redhat.com/security/cve/CVE-2015-5146

Jul 07, 2015 | Low | Arch Linux | LinuxSecurity.com Team

Slackware: 2014-356-01 High-Severity Ntp Security Fix for 13.x

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

[slackware-security] ntp (SSA:2014-356-01)

New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

Here are the details from the Slackware 14.1 ChangeLog:
+--------------------------+
patches/packages/ntp-4.2.8-i486-1_slack14.1.txz: Upgraded.
  In addition to bug fixes and enhancements, this release fixes several high-severity vulnerabilities discovered by Neel Mehta and Stephen Roettger of the Google Security Team.
  For more information, see:
    https://www.kb.cert.org/vuls/id/852879
    https://www.cve.org/CVERecord?id=CVE-2014-9293
    https://www.cve.org/CVERecord?id=CVE-2014-9294
    https://www.cve.org/CVERecord?id=CVE-2014-9295
    https://www.cve.org/CVERecord?id=CVE-2014-9296
  (* Security fix *)
+--------------------------+

Where to find the new packages:
+-----------------------------+

Thanks to the friendly folks at the OSU Open Source Lab (https://osuosl.org/) for donating FTP and rsync hosting to the Slackware project! :-)

Also see the "Get Slack" section on http://www.slackware.com/ for additional mirror sites near you.

Updated packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current, each for i486 and x86_64 (ntp-4.2.8).

Installation instructions:
+------------------------+

Upgrade the package as root:
# upgradepkg ntp-4.2.8-i486-1_slack14.1.txz

Then, restart the NTP daemon:
# sh /etc/rc.d/rc.ntpd restart

+-----+

Dec 23, 2014 | Slackware | LinuxSecurity.com Team

Slackware 7.1: Urgent Patch for xntp3 Buffer Overflow Vulnerability

The version of xntp3 that shipped with Slackware 7.1 as well as the version that was in Slackware -current contains a buffer overflow bug that could lead to a root compromise. Slackware 7.1 and Slackware -current users are urged to upgrade to the new packages available for their release.

The updated package available for Slackware 7.1 is a patched version of xntp3. The -current tree has been upgraded to ntp4, which also fixes the problem. If you want to continue using xntp3 on -current, you can use the updated package from the Slackware 7.1 tree and it will work.

The updates available are:

FOR SLACKWARE 7.1:
===============================
xntp3-5.93e AVAILABLE (xntp.tgz)
===============================

Patched xntp3-5.93e against recently reported buffer overflow problem.

All sites running xntp from Slackware 7.1 should either upgrade to this package or ensure that their /etc/ntp.conf does not allow connections from untrusted hosts. To deny people access to your time daemon (not a bad idea anyway if you're only running ntp to keep your own clock updated) use this in /etc/ntp.conf:

# Don't serve time or stats to anyone else
restrict default ignore

The buffer overflow problem can be fixed by upgrading to this package:
---------------------------------------------------------------------

For verification purposes, we provide the following checksums:
-------------------------------------------------------------
16-bit "sum" checksum: 39955 509 xntp.tgz
128-bit MD5 message digest: aefbeb1a1c8d2af8e1d1906f823368bd xntp.tgz

Installation instructions for the xntp.tgz package:
--------------------------------------------------

Make sure you are not running xntpd on your system. This command should stop the daemon:

killall xntpd

Check to make sure it's not running:

ps -ef | grep xntpd

Once you have stopped the daemon, upgrade the package using upgradepkg:

upgradepkg xntp.tgz

Then you can restart the daemon:

/usr/sbin/xntpd

FOR SLACKWARE -CURRENT:
=================================
ntp-4.0.99k23 AVAILABLE (ntp4.tgz)
=================================

This package replaces the xntp.tgz package (which contained xntp3-5.93e). The older version (and all versions prior to ntp-4.0.99k23, which was released yesterday) contain a buffer overflow bug which could lead to a root compromise on sites offering ntp service.

The buffer overflow can be fixed by upgrading to the new ntp4.tgz package:
-------------------------------------------------------------------------

For verification purposes, we provide the following checksums:
-------------------------------------------------------------
16-bit "sum" checksum: 12988 1167 ntp4.tgz
128-bit MD5 message digest: 8dc3ec08fc63500ff75f640a1894bdd0 ntp4.tgz

Installation instructions for the ntp4.tgz package:
--------------------------------------------------

Make sure you are not running xntpd on your system. This command should stop the daemon:

killall xntpd

Check to make sure it's not running:

ps -ef | grep xntpd

Once you have stopped the daemon, upgrade the package using upgradepkg:

upgradepkg xntp%ntp4

Then you can restart the daemon:

/usr/sbin/ntpd

Remember, it's also a good idea to backup configuration files before upgrading packages.

- Slackware Linux Security Team
  The Slackware Linux Project

Apr 09, 2001 | Critical | Slackware | LinuxSecurity.com Team