Risk | Medium |
Patch available | YES |
Number of vulnerabilities | 5 |
CVE-ID | CVE-2017-6464 CVE-2017-6458 CVE-2017-6451 CVE-2017-6463 CVE-2017-6462 |
CWE-ID | CWE-20 CWE-120 CWE-787 CWE-16 |
Exploitation vector | Network |
Public exploit | N/A |
Vulnerable software Subscribe |
Amazon Linux AMI Operating systems & Components / Operating system |
Vendor | Amazon Web Services |
Security Bulletin
This security bulletin contains information about 5 vulnerabilities.
EUVDB-ID: #VU7390
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-6464
CWE-ID:
CWE-20 - Improper input validation
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS condition.
The weakness exists due to improper input validation. A remote attacker can use malformed mode configuration directive to trigger memory corruption and cause the system to crash.
Successful exploitation of the vulnerability results in denial of service.
Update the affected packages.
i686:Vulnerable software versions
ntp-4.2.6p5-44.34.amzn1.i686
ntpdate-4.2.6p5-44.34.amzn1.i686
ntp-debuginfo-4.2.6p5-44.34.amzn1.i686
noarch:
ntp-doc-4.2.6p5-44.34.amzn1.noarch
ntp-perl-4.2.6p5-44.34.amzn1.noarch
src:
ntp-4.2.6p5-44.34.amzn1.src
x86_64:
ntpdate-4.2.6p5-44.34.amzn1.x86_64
ntp-4.2.6p5-44.34.amzn1.x86_64
ntp-debuginfo-4.2.6p5-44.34.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2017-816.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU7386
Risk: Low
CVSSv3.1: 3.8 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-6458
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS condition.
The weakness exists due to multiple buffer overflows in the ctl_put() functions in NTP. A remote attacker can an overly long string argument, trigger memory corruption and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Update the affected packages.
i686:Vulnerable software versions
ntp-4.2.6p5-44.34.amzn1.i686
ntpdate-4.2.6p5-44.34.amzn1.i686
ntp-debuginfo-4.2.6p5-44.34.amzn1.i686
noarch:
ntp-doc-4.2.6p5-44.34.amzn1.noarch
ntp-perl-4.2.6p5-44.34.amzn1.noarch
src:
ntp-4.2.6p5-44.34.amzn1.src
x86_64:
ntpdate-4.2.6p5-44.34.amzn1.x86_64
ntp-4.2.6p5-44.34.amzn1.x86_64
ntp-debuginfo-4.2.6p5-44.34.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2017-816.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU7385
Risk: Low
CVSSv3.1: 7.7 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:C/C:H/I:H/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-6451
CWE-ID:
CWE-787 - Out-of-bounds write
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to execute arbitrary code on the target system.
The weakness exists due to improper handling of the return value of the snprintf function by the mx4200_send function in the legacy MX4200 refclock in NTP. A local attacker can trigger out-of-bounds memory write and execute arbitrary code with root privileges.
Successful exploitation of the vulnerability may result in system compromise.
Update the affected packages.
i686:Vulnerable software versions
ntp-4.2.6p5-44.34.amzn1.i686
ntpdate-4.2.6p5-44.34.amzn1.i686
ntp-debuginfo-4.2.6p5-44.34.amzn1.i686
noarch:
ntp-doc-4.2.6p5-44.34.amzn1.noarch
ntp-perl-4.2.6p5-44.34.amzn1.noarch
src:
ntp-4.2.6p5-44.34.amzn1.src
x86_64:
ntpdate-4.2.6p5-44.34.amzn1.x86_64
ntp-4.2.6p5-44.34.amzn1.x86_64
ntp-debuginfo-4.2.6p5-44.34.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2017-816.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU12125
Risk: Medium
CVSSv3.1: 6.7 [CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:N/A:H/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-6463
CWE-ID:
CWE-16 - Configuration
Exploit availability: No
DescriptionThe vulnerability allows a remote authenticated attacker to cause DoS condition on the target system.
The weakness exists in the unpeer option due to the NTP server's parsing of configuration directives. A remote attacker can submit a specially crafted message and cause the service to crash.
Update the affected packages.
i686:Vulnerable software versions
ntp-4.2.6p5-44.34.amzn1.i686
ntpdate-4.2.6p5-44.34.amzn1.i686
ntp-debuginfo-4.2.6p5-44.34.amzn1.i686
noarch:
ntp-doc-4.2.6p5-44.34.amzn1.noarch
ntp-perl-4.2.6p5-44.34.amzn1.noarch
src:
ntp-4.2.6p5-44.34.amzn1.src
x86_64:
ntpdate-4.2.6p5-44.34.amzn1.x86_64
ntp-4.2.6p5-44.34.amzn1.x86_64
ntp-debuginfo-4.2.6p5-44.34.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2017-816.html
Q & A
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.
EUVDB-ID: #VU7389
Risk: Low
CVSSv3.1: 2.9 [CVSS:3.1/AV:L/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:L/E:U/RL:O/RC:C]
CVE-ID: CVE-2017-6462
CWE-ID:
CWE-120 - Buffer overflow
Exploit availability: No
DescriptionThe vulnerability allows a local attacker to cause DoS condition.
The weakness exists due to buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP. A remote attacker can send specially crafted packets, trigger memory corruption and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Update the affected packages.
i686:Vulnerable software versions
ntp-4.2.6p5-44.34.amzn1.i686
ntpdate-4.2.6p5-44.34.amzn1.i686
ntp-debuginfo-4.2.6p5-44.34.amzn1.i686
noarch:
ntp-doc-4.2.6p5-44.34.amzn1.noarch
ntp-perl-4.2.6p5-44.34.amzn1.noarch
src:
ntp-4.2.6p5-44.34.amzn1.src
x86_64:
ntpdate-4.2.6p5-44.34.amzn1.x86_64
ntp-4.2.6p5-44.34.amzn1.x86_64
ntp-debuginfo-4.2.6p5-44.34.amzn1.x86_64
Amazon Linux AMI: All versions
External linkshttp://alas.aws.amazon.com/ALAS-2017-816.html
Q & A
Can this vulnerability be exploited remotely?
No. This vulnerability can be exploited locally. The attacker should have authentication credentials and successfully authenticate on the system.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.