ntp-4.2.6p5-10.1.0.1.AXS4
Errata ID: AXSA:2016-472:03
Release date:
2016/06/08 Wednesday - 15:04
Title:
ntp-4.2.6p5-10.1.0.1.AXS4
Affected channels:
Asianux Server 4 for x86_64
Asianux Server 4 for x86
Severity:
Moderate
Description:
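The following items have been addressed.
[Security Fix]
- At this time, information on CVE-2015-7979, CVE-2016-1547, CVE-2016-1548, CVE-2016-1550, and CVE-2016-2518 has not been published.
We will update this information as soon as the CVE details are published.
Some CVE translations are quoted from JVN.
http://jvndb.jvn.jp/
Solution:
Update the packages.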
CVE:
CVE-2015-7979
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.
CVE-2016-1547
An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled.
CVE-2016-1548
An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.
CVE-2016-1550
An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key.
CVE-2016-2518
The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.
Additional information:
N/A
Downloads:
SRPMS
- ntp-4.2.6p5-10.1.0.1.AXS4.src.rpm
MD5: b982c80f60dd772f7a191612e08e1a9e
SHA-256: 578f35412e1c19375a1a068c03e94d00db9393b0c6aa6bd1ad4ab7f6e1231f9c
Size: 4.12 MB
Asianux Server 4 for x86
- ntp-4.2.6p5-10.1.0.1.AXS4.i686.rpm
MD5: cb857734e19dd12f82ba99cce2d44fe4
SHA-256: f265603c21958ea2a49b90ade0a1f2743d5fabd5d0c273045c9b02d657a9dea0
Size: 592.48 kB
- ntpdate-4.2.6p5-10.1.0.1.AXS4.i686.rpm
MD5: befc99c0672a972c345cb49682d1a0d1
SHA-256: 90b187e16839acbffd3c92ab34e62086ce8c9d1af820565936314687e53fa095
Size: 77.20 kB
Asianux Server 4 for x86_64
- ntp-4.2.6p5-10.1.0.1.AXS4.x86_64.rpm
MD5: b8bab674aa041e8e22e87c36ffc9b858
SHA-256: a4dc1753e4417e528cf11821bd545a6a6e8060e7ff6e39c30c0c0157edcb98f2
Size: 597.59 kB
- ntpdate-4.2.6p5-10.1.0.1.AXS4.x86_64.rpm
MD5: 1d2efc402a209ad76462e26bc1630c7b
SHA-256: 4188b3376c2e079ce5ba4d0de4fbec7b6585558437e3006b1ba026344886cf4d
Size: 77.30 kB