SB2017010405 - Amazon Linux AMI update for ntp

CSH
CYBERSECURITY HELP
Sign In REGISTER

Main Vulnerability Database SB2017010405

SB2017010405 - Amazon Linux AMI update for ntp

Published: January 4, 2017

Security Bulletin ID SB2017010405
Severity
Medium
Patch available
YES
Number of vulnerabilities 5
Exploitation vector Remote access
Highest impact Denial of service

Breakdown by Severity

Medium 80% Low 20%
  • Low
  • Medium
  • High
  • Critical

Description

This security bulletin contains information about 5 secuirty vulnerabilities.


1) Data handling (CVE-ID: CVE-2016-7429)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to changing the peer structure to the interface NTP receives the response from a source. A remote attacker can send a response for a source to an interface the source does not use and cause the service to crash.

2) Resource management errors (CVE-ID: CVE-2016-7426)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to rate limits responses received from the configured sources when rate limiting for all associations is enabled. A remote attacker can send responses with a spoofed source address and cause the service to crash.

3) NULL pointer dereference (CVE-ID: CVE-2016-9311)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists in ntpd due to NULL pointer dereference when the trap service is enabled. A remote attacker can submit a specially crafted packet and cause the service to crash.

4) Incorrect calcualtion (CVE-ID: CVE-2016-7433)

The vulnerability allows a remote attacker to cause DoS condition on the target system.

The weakness exists due to improper performance of the initial sync calculations. A remote attacker can cause the service to crash via unknown vectors, related to a "root distance that did not include the peer dispersion."

5) Improper access control (CVE-ID: CVE-2016-9310)

The vulnerability allows a remote attacker to obtain potentially sensitive information and cause DoS condition on the target system.

The weakness exists in the control mode (mode 6) functionality in ntpd due to improper access control. A remote attacker can set or unset traps via a specially crafted control mode packet, gain access to potentially sensitive information and cause the service to crash.

Remediation

Install update from vendor's website.

References