Vous êtes ici: index » cert » avis

Avis du CERT RENATER

Par défaut, cette page vous affichera les derniers messages envoyés par le CERT RENATER à la communauté. Vous pouvez affiner par année ou par type de message. Si aucun critère n'est précisé, seuls les derniers messages sont affichés

Date : Tue, 7 Jun 2016 11:27:35 +0200
Type : VULN
Sujet : CERT-Renater : 2016/VULN238 (NTP : June 2016 ntp-4.2.8p8 NTP Security Vulnerability Announcement)
===================================================================
                                 CERT-Renater

                     Note d'Information No. 2016/VULN238
_____________________________________________________________________

DATE                : 07/06/2016

HARDWARE PLATFORM(S): /

OPERATING SYSTEM(S): Systems running NTP versions versions prior to
                                         4.2.8p8.

======================================================================
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
https://www.kb.cert.org/vuls/id/321640
____________________________________________________________________

June 2016 ntp-4.2.8p8 NTP Security Vulnerability Announcement (HIGH)

NTF's NTP Project has been notified of the following 1 high- and 4
low-severity vulnerabilities, which are fixed in ntp-4.2.8p8.

ntp-4.2.8p8 is scheduled to be released on 2 June 2016.

      Sec 3046 / CVE-2016-4957 / VU#321640: Crypto-NAK crash
          Reported by Nicolas Edet of Cisco.
      Sec 3045 / CVE-2016-4953 / VU#321640: Bad authentication
          demobilizes ephemeral associations
          Reported by Miroslav Lichvar of Red Hat.
      Sec 3044 / CVE-2016-4954 / VU#321640: Processing spoofed server
          packets
          Reported by Jakub Prokes of Red Hat.
      Sec 3043 / CVE-2016-4955 / VU#321640: Autokey association reset
          Reported by Miroslav Lichvar of Red Hat.
      Sec 3042 / CVE-2016-4956 / VU#321640: Broadcast interleave
          Reported by Miroslav Lichvar of Red Hat.

Timeline:

      160602: ntp-4.2.8p8 released.
      160526: CERT notification, including availability of pre-release
              patches. See: https://www.kb.cert.org/vuls/id/321640
      160524: NTP Consortium members at the Partner and Premier levels
              received pre-release patch access.

____________________________________________________________________


Vulnerability Note VU#321640

NTP.org ntpd is vulnerable to denial of service and other
vulnerabilities

Original Release date: 02 juin 2016 | Last revised: 06 juin 2016


Overview

NTP.org's reference implementation of NTP server, ntpd, contains
multiple vulnerabilities.


Description

NTP.org's reference implementation of NTP server, ntpd, contains
multiple vulnerabilities. A brief overview follows, but details may be
found in NTP's security advisory listing and in the individual links
below.

CRYPTO-NAK denial of service introduced in Sec 3007 patch. See Sec
3046, CVE-2016-4957. The CVSS score below describes this vulnerability.

Bad authentication demobilizes ephemeral associations. See Sec 3045,
CVE-2016-4953.

Processing of spoofed server packets affects peer variables. See Sec
3044, CVE-2016-4954.

Autokey associations may be reset when repeatedly receiving spoofed
packets. See Sec 3043, CVE-2016-4955.

Broadcast associations are not covered in Sec 2978 patch, which may be
leveraged to flip broadcast clients into interleave mode. See Sec 3042,
CVE-2016-4956.


Impact

Unauthenticated, remote attackers may be able to spoof or send
specially crafted packets to create denial of service conditions.


Solution

Apply an update

The vendor has released version 4.2.8p8 to address these issues. Users
are encouraged to update to the latest release. Those unable to update
should consider mitigations listed in NTP's security advisory listing.


Vendor Information (Learn More)

Vendor                  Status    Date Notified  Date Updated
FreeBSD Project         Affected  27 May 2016    06 Jun 2016
NTP Project             Affected  25 May 2016    02 Jun 2016
ACCESS                  Unknown   27 May 2016    27 May 2016
Alcatel-Lucent          Unknown	  27 May 2016    27 May 2016
Apple                   Unknown	  27 May 2016    27 May 2016
Arista Networks, Inc.   Unknown	  27 May 2016    27 May 2016
Aruba Networks          Unknown	  27 May 2016    27 May 2016
AT&T                    Unknown	  27 May 2016    27 May 2016
Avaya, Inc.             Unknown	  27 May 2016    27 May 2016
Belkin, Inc.            Unknown	  27 May 2016    27 May 2016
Blue Coat Systems       Unknown	  27 May 2016    27 May 2016
CA Technologies         Unknown	  27 May 2016    27 May 2016
CentOS                  Unknown	  27 May 2016    27 May 2016
Check Point Software Technologies  Unknown   27 May 2016    27 May 2016
Cisco                   Unknown	  27 May 2016	27 May 2016


If you are a vendor and your product is affected, let us know.


CVSS Metrics (Learn More)

Group 	Score 	Vector
Base 	7,8 	AV:N/AC:L/Au:N/C:N/I:N/A:C
Temporal 	6,4 	E:F/RL:OF/RC:C
Environmental 	6,4 	CDP:N/TD:H/CR:ND/IR:ND/AR:ND


References

      http://support.ntp.org/bin/view/Main/NtpBug3007
      http://support.ntp.org/bin/view/Main/NtpBug3046
      http://support.ntp.org/bin/view/Main/NtpBug3045
      http://support.ntp.org/bin/view/Main/NtpBug3044
      http://support.ntp.org/bin/view/Main/NtpBug3043
      http://support.ntp.org/bin/view/Main/NtpBug2978
      http://support.ntp.org/bin/view/Main/NtpBug3042

Credit

The NTP Project credits Nicolas Edet of Cisco, Miroslav Lichvar of
Red Hat, and Jakub Prokes of Red Hat for reporting these
vulnerabilities.

This document was written by Joel Land.


Other Information

      CVE IDs: CVE-2016-4953 CVE-2016-4954 CVE-2016-4955 CVE-2016-4956
               CVE-2016-4957
      Date Public: 02 juin 2016
      Date First Published: 02 juin 2016
      Date Last Updated: 06 juin 2016
      Document Revision: 8


Feedback

If you have feedback, comments, or additional information about
this vulnerability, please send us email.


==========================================================
Serveur de référence du CERT-Renater
https://services.renater.fr/ssi/
==========================================================
+ CERT-RENATER          | tel : 01-53-94-20-44           +
+ 23 - 25 Rue Daviel    | fax : 01-53-94-20-41           +
+ 75013 Paris           | email: cert@support.renater.fr +
==========================================================

[An attachment of type application/pkcs7-signature was included here]