Detections
Analytics

Amazon Linux AMI : ntp (ALAS-2015-593)

high Nessus Plugin ID 85751

Language:

Synopsis

The remote Amazon Linux AMI host is missing a security update.

Description

As discussed upstream, a flaw was found in the way ntpd processed certain remote configuration packets. Note that remote configuration is disabled by default in NTP. (CVE-2015-5146)

It was found that the :config command can be used to set the pidfile and driftfile paths without any restrictions. A remote attacker could use this flaw to overwrite a file on the file system with a file containing the pid of the ntpd process (immediately) or the current estimated drift of the system clock (in hourly intervals).
(CVE-2015-7703)

It was found that ntpd could crash due to an uninitialized variable when processing malformed logconfig configuration commands.
(CVE-2015-5194)

It was found that ntpd exits with a segmentation fault when a statistics type that was not enabled during compilation (e.g.
timingstats) is referenced by the statistics or filegen configuration command. (CVE-2015-5195)

It was discovered that sntp would hang in an infinite loop when a crafted NTP packet was received, related to the conversion of the precision value in the packet to double. (CVE-2015-5219)

A flaw was found in the way the ntp-keygen utility generated MD5 symmetric keys on big-endian systems. An attacker could possibly use this flaw to guess generated MD5 keys, which could then be used to spoof an NTP client or server. (CVE-2015-3405)

Solution

Run 'yum update ntp' to update your system.

See Also

http://www.nessus.org/u?e1d497be

https://alas.aws.amazon.com/ALAS-2015-593.html

Plugin Details

Severity: High

ID: 85751

File Name: ala_ALAS-2015-593.nasl

Version: 2.10

Type: local

Agent: unix

Published: 9/3/2015

Updated: 6/22/2020

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Frictionless Assessment AWS, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.6

CVSS v2

Risk Factor: Medium

Base Score: 5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:N/A:N

CVSS v3

Risk Factor: High

Base Score: 7.5

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:amazon:linux:ntpdate, p-cpe:/a:amazon:linux:ntp, p-cpe:/a:amazon:linux:ntp-debuginfo, p-cpe:/a:amazon:linux:ntp-perl, cpe:/o:amazon:linux, p-cpe:/a:amazon:linux:ntp-doc

Required KB Items: Host/local_checks_enabled, Host/AmazonLinux/release, Host/AmazonLinux/rpm-list

Patch Publication Date: 2/9/2016

Vulnerability Publication Date: 7/21/2017

Reference Information

CVE: CVE-2015-3405, CVE-2015-5146, CVE-2015-5194, CVE-2015-5195, CVE-2015-5219, CVE-2015-7703

ALAS: 2015-593