Vous êtes ici: index » cert » avis

Avis du CERT RENATER

Par défaut, cette page vous affichera les derniers messages envoyés par le CERT RENATER à la communauté. Vous pouvez affiner par année ou par type de message. Si aucun critère n'est précisé, seuls les derniers messages sont affichés

Date : Thu, 22 Oct 2015 16:26:11 +0200
Type : VULN
Sujet : CERT-Renater : 2015/VULN224 (Cisco : Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015)
===================================================================
                                CERT-Renater

                    Note d'Information No. 2015/VULN224
_____________________________________________________________________

DATE                : 22/10/2015

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Cisco software running ntpd.

======================================================================
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp
_____________________________________________________________________

Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting
Cisco Products - October 2015

Advisory ID: cisco-sa-20151021-ntp

Version 1.0:  Interim

For Public Release 2015 October 21 23:00  UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

Multiple Cisco products incorporate a version of the ntpd package.
Versions of this package are affected by one or more vulnerabilities
that could allow an unauthenticated, remote attacker to create a denial
of service (DoS) condition or modify the time being advertised by a
device acting as a network time protocol (NTP) server.

On October 21st, 2015, NTP.org released a security advisory detailing
13 issues regarding multiple DoS vulnerabilities, information
disclosure vulnerabilities, and logic issues that may result in an
attacker gaining the ability to modify an NTP server's advertised time.
The vulnerabilities covered in this document are as follows:

      CVE-2015-7691  - Denial of Service AutoKey Malicious Message
      CVE-2015-7692  - Denial of Service AutoKey Malicious Message
      CVE-2015-7701  - Denial of Service CRYPTO_ASSOC Memory Leak
      CVE-2015-7702  - Denial of Service AutoKey Malicious Message
      CVE-2015-7703  - Configuration Directive File Overwrite
       Vulnerability
      CVE-2015-7704  - Denial of Service by Spoofed Kiss-o'-Death
      CVE-2015-7705  - Denial of Service by Priming the Pump
      CVE-2015-7848  - Network Time Protocol ntpd multiple integer
       overflow read access violations
      CVE-2015-7849  - Network Time Protocol Trusted Keys Memory
       Corruption Vulnerability
      CVE-2015-7850  - Network Time Protocol Remote Configuration Denial
       of Service Vulnerability
      CVE-2015-7851  - Network Time Protocol ntpd saveconfig Directory
       Traversal Vulnerability
      CVE-2015-7852  - Network Time Protocol ntpq atoascii Memory
       Corruption Vulnerability
      CVE-2015-7853  - Network Time Protocol Reference Clock Memory
       Corruption Vulnerability
      CVE-2015-7854  - Network Time Protocol Password Length Memory
       Corruption Vulnerability
      CVE-2015-7855  - Denial of Service Long Control Packet Message
      CVE-2015-7871  - NAK to the Future: NTP Symmetric Association
       Authentication Bypass Vulnerability

Additional details on each of the vulnerabilities can be found at the 
following links:

Official Security Advisory from ntp.org:
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
Boston University: http://www.cs.bu.edu/~goldbe/NTPattack.html
Cisco TALOS: http://talosintel.com/vulnerability-reports/

Cisco will release software updates that address these vulnerabilities.

Workarounds that mitigate one or more of the vulnerabilities may be
available for certain products, please see the individual Cisco Bug IDs
for details.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp

=========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================

[An attachment of type application/pkcs7-signature was included here]