漏洞类别:Ubuntu
漏洞等级: 
漏洞信息
It was discovered that NTP incorrectly handled authenticated broadcast mode.
It was discovered that NTP incorrectly verified peer associations of symmetric keys.
It was discovered that the NTP ntpq utility incorrectly handled memory.
It was discovered that the NTP ntpq utility incorrectly handled dangerous characters in filenames.
It was discovered that NTP incorrectly handled large restrict lists.
It was discovered that NTP incorrectly handled authenticated broadcast mode.
It was discovered that NTP incorrectly handled origin timestamp checks.
It was discovered that the NTP ntpq utility did not properly handle certain incorrect values.
It was discovered that the NTP cronjob incorrectly cleaned up the statistics directory.
It was discovered that NTP incorrectly validated crypto-NAKs.
It was discovered that NTP incorrectly handled switching to interleaved symmetric mode.
It was discovered that NTP incorrectly handled message authentication.
It was discovered that NTP incorrectly handled duplicate IPs on unconfig directives.
It was discovered that NTP incorrectly handled certail peer associations.
It was discovered that NTP incorrectly handled certain spoofed packets.
It was discovered that NTP incorrectly handled certain packets when autokey is enabled.
It was discovered that NTP incorrectly handled certain spoofed broadcast packets.
In the default installation, attackers would be isolated by the NTP AppArmor profile.
漏洞危害
A remote attacker could use this issue to perform a replay attack. (CVE-2015-7973)
A remote attacker could use this issue to perform an impersonation attack. (CVE-2015-7974)
An attacker could possibly use this issue to cause ntpq to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2015-7975)
An attacker could possibly use this issue to overwrite arbitrary files. (CVE-2015-7976)
An attacker could use this issue to cause NTP to crash, resulting in a denial of service. (CVE-2015-7977, CVE-2015-7978)
A remote attacker could use this issue to cause NTP to crash, resulting in a denial of service. (CVE-2015-7979)
(CVE-2015-8138)
An attacker could possibly use this issue to cause ntpq to hang, resulting in a denial of service. (CVE-2015-8158)
A local attacker could possibly use this to escalate privileges. (CVE-2016-0727)
A remote attacker could possibly use this issue to prevent clients from synchronizing. (CVE-2016-1547)
A remote attacker could possibly use this issue to prevent clients from synchronizing. (CVE-2016-1548)
A remote attacker could possibly use this issue to recover the message digest key. (CVE-2016-1550)
An authenticated remote attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. (CVE-2016-2516)
A remote attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. (CVE-2016-2518)
A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-4954)
A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-4955)
A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-4956)
解决方案
Refer to Ubuntu advisory USN-3096-1 for affected packages and patching details, or update with your package manager.
Patch:
Following are links for downloading patches to fix the vulnerabilities:
USN-3096-1: 12.04 (Precise) on src (ntp)
0day
文章评论