
Stay Secure with the Latest Linux Advisories


Explore Latest Linux Security advisories


Arch Linux: ASA-202310-15 Significant NTP Security Vulnerability

Arch Linux Security Advisory ASA-201412-24
==========================================

Severity: Critical
Date    : 2014-12-22
CVE-ID  : CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296
Package : ntp
Type    : multiple issues
Remote  : Yes
Link    : https://wiki.archlinux.org/title/CVE-2014

Summary
=======

The package ntp before version 4.2.8-1 is vulnerable to multiple issues including but not limited to arbitrary code execution, denial of service and weak key generation.

Resolution
==========

Upgrade to 4.2.8-1.

# pacman -Syu "ntp>=4.2.8-1"

The problems have been fixed upstream in version 4.2.8.

Workaround
==========

None.

Description
===========

Keys explicitly generated by "ntp-keygen -M" should be regenerated.

- CVE-2014-9293 (weak key generation)
  ntpd generated a weak key for its internal use, with full administrative privileges. Attackers could use this key to reconfigure ntpd (or to exploit other vulnerabilities).

- CVE-2014-9294 (weak key generation)
  The ntp-keygen utility generated weak MD5 keys with insufficient entropy, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.

- CVE-2014-9295 (arbitrary code execution)
  Multiple stack-based buffer overflows in ntpd allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.

- CVE-2014-9296 (unintended association change)
  The receive function in ntp_proto.c continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets.

Impact
======

A remote attacker is able to craft packets leading to arbitrary code execution or denial of service, or to make use of a weak key generation flaw to perform cryptographic attacks against the authentication.

References
==========

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9293
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9294
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9295
https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9296
https://bugs.ntp.org/show_bug.cgi?id=2665
https://bugs.ntp.org/show_bug.cgi?id=2666
https://bugs.ntp.org/show_bug.cgi?id=2667
https://bugs.ntp.org/show_bug.cgi?id=2670

LinuxSecurity.com Team

Dec 22, 2014 Critical ArchLinux
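The bug class behind CVE-2014-9296 (a handler that detects an authentication error but keeps executing), shown as an added example that is not part of the advisory and is not ntpd's code. The structs, function names and the tag comparison standing in for MAC verification are all hypothetical.

```c
#include <stdint.h>
#include <stdio.h>

/* Hypothetical, simplified model; none of these names come from ntpd. */
struct assoc  { uint32_t peer_id; };
struct packet { uint32_t peer_id; uint32_t tag; };
#define EXPECTED_TAG 0xC0FFEEu   /* stand-in for a verified MAC */

static int auth_ok(const struct packet *p) { return p->tag == EXPECTED_TAG; }

/* Flawed shape: the error is detected and counted, but control falls
 * through, so an unauthenticated packet still rewrites the association. */
int receive_flawed(struct assoc *a, const struct packet *p, int *auth_errors)
{
    if (!auth_ok(p))
        (*auth_errors)++;          /* no return here */
    a->peer_id = p->peer_id;
    return 0;
}

/* Corrected shape: reject the packet before any state is touched. */
int receive_fixed(struct assoc *a, const struct packet *p, int *auth_errors)
{
    if (!auth_ok(p)) {
        (*auth_errors)++;
        return -1;
    }
    a->peer_id = p->peer_id;
    return 0;
}

/* Feeds one constructed unauthenticated packet to a handler and reports
 * whether the association's peer was changed by it. */
typedef int (*rx_fn)(struct assoc *, const struct packet *, int *);
int peer_changed_by_bad_packet(rx_fn rx)
{
    struct assoc a = { .peer_id = 1 };
    struct packet bad = { .peer_id = 99, .tag = 0 };   /* constructed input */
    int errs = 0;
    rx(&a, &bad, &errs);
    return a.peer_id != 1;
}

int main(void)
{
    printf("flawed: peer changed = %d\n", peer_changed_by_bad_packet(receive_flawed));
    printf("fixed:  peer changed = %d\n", peer_changed_by_bad_packet(receive_fixed));
    return 0;
}
```

In both handlers the error counter increments, so a log or metric alone would not distinguish them; only the early return keeps state unchanged.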