Opened 9 years ago

Closed 9 years ago

#5971 closed enhancement (fixed)

ntp-4.2.8

Reported by: Fernando de Oliveira
Owned by: Fernando de Oliveira
Priority: high
Milestone: 7.7
Component: BOOK
Version: SVN
Severity: major
Keywords:
Cc:

Description (last modified by Fernando de Oliveira)

http://www.eecis.udel.edu/~ntp/ntp_spool/ntp4/ntp-4.2/ntp-4.2.8.tar.gz

http://lists.ntp.org/pipermail/announce/2014-December/000122.html

Summary of the announcement:

Harlan Stenn stenn at ntp.org
Mon Dec 22 00:42:24 UTC 2014

...

NTP 4.2.8 (Harlan Stenn <stenn at ntp.org>, 2014/12/18)

Focus: Security and Bug fixes, enhancements.

Severity: HIGH

In addition to bug fixes and enhancements, this release fixes the
following high-severity vulnerabilities:

************************** vv NOTE WELL vv *****************************

The vulnerabilities listed below can be significantly mitigated by
following the BCP of putting

 restrict default ... noquery

in the ntp.conf file.  With the exception of:

   receive(): missing return on error
   References: Sec 2670 / CVE-2014-9296 / VU#852879

below (which is a limited-risk vulnerability), none of the recent
vulnerabilities listed below can be exploited if the source IP is
restricted from sending a 'query'-class packet by your ntp.conf file.

************************** ^^ NOTE WELL ^^ *****************************

* Weak default key in config_auth().
...
* Non-cryptographic random number generator with weak seed used by
  ntp-keygen to generate symmetric keys.
...
* Buffer overflow in crypto_recv()
...
* Buffer overflow in ctl_putdata()
...
* Buffer overflow in configure()
...
* receive(): missing return on error
...

See http://support.ntp.org/security for more information.

New features / changes in this release:

Important Changes

* Internal NTP Era counters
...
* ntpdc responses disabled by default
...

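The BCP the announcement points to is a one-line ntp.conf change. As an added example that is not part of this ticket or of the NTP project's own material, the POSIX shell script below checks whether an ntp.conf already carries noquery on every default restrict rule, and runs that check over a constructed weak configuration beside a hardened one. The restrict flags used (kod, nomodify, notrap, nopeer, noquery) are standard ntp.conf options; the sample configurations, temporary file names and the function name ntp_default_has_noquery are constructed for the demonstration.

```shell
#!/bin/sh
# Added example, not from the ticket or the NTP project: report whether an
# ntp.conf applies "noquery" on the default restrict rule, the BCP that the
# NTP 4.2.8 announcement says mitigates the query-class vulnerabilities.

# Return 0 when every default restrict rule in the file ("restrict default",
# "restrict -4 default", "restrict -6 default") carries noquery, 1 otherwise,
# including the case where the file has no default restrict rule at all
# (then ntpd answers query-class packets from any source).
ntp_default_has_noquery() {
    rules=$(sed 's/#.*//' "$1" |
        grep -E '^[[:space:]]*restrict[[:space:]]+(-[46][[:space:]]+)?default([[:space:]]|$)')
    [ -n "$rules" ] || return 1
    printf '%s\n' "$rules" | while read -r rule; do
        case " $rule " in
            *" noquery "*) ;;          # this default rule is restricted
            *) exit 1 ;;               # this default rule still answers queries
        esac
    done
}

# Constructed sample configurations (temporary files) for the demonstration.
weak_conf=$(mktemp)
cat > "$weak_conf" <<'EOF'
# default rule still permits query-class packets (ntpq/ntpdc) from any source
restrict default kod nomodify notrap nopeer
server 0.pool.ntp.org iburst
EOF

hardened_conf=$(mktemp)
cat > "$hardened_conf" <<'EOF'
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1        # local ntpq keeps working
restrict ::1
server 0.pool.ntp.org iburst
EOF

for f in "$weak_conf" "$hardened_conf"; do
    if ntp_default_has_noquery "$f"; then
        echo "$f: default restrict includes noquery (mitigation in place)"
    else
        echo "$f: default restrict lacks noquery; add 'restrict default ... noquery'"
    fi
done
rm -f "$weak_conf" "$hardened_conf"
```

Point the function at /etc/ntp.conf (or wherever BLFS installs it) to audit a live host; a non-zero return means the file should be changed before relying on the mitigation. As the announcement itself notes, this restriction does not cover the receive() missing-return issue (CVE-2014-9296), so the check is a complement to the 4.2.8 upgrade, not a replacement for it.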
Change History (3)

comment:1 by Fernando de Oliveira, 9 years ago

Description: modified (diff)
Priority: normal → high
Severity: normal → major

comment:2 by Fernando de Oliveira, 9 years ago

Owner: changed from blfs-book@… to Fernando de Oliveira
Status: new → assigned

comment:3 by Fernando de Oliveira, 9 years ago

Resolution: fixed
Status: assigned → closed

Fixed at r15247.
