Summary: | <net-misc/ntp-4.2.8_p2: two vulnerabilities (CVE-2015-{1798,1799}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Agostino Sarubbo <ago> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | base-system, cilly |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities | ||
Whiteboard: | B3 [glsa cve] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 553682 | ||
Bug Blocks: |
Description
Agostino Sarubbo
2015-04-07 15:59:39 UTC
*** Bug 545990 has been marked as a duplicate of this bug. *** Commit message: Version bump http://sources.gentoo.org/net-misc/ntp/ntp-4.2.8_p2.ebuild?rev=1.1 (In reply to SpanKY from comment #2) > Commit message: Version bump > http://sources.gentoo.org/net-misc/ntp/ntp-4.2.8_p2.ebuild?rev=1.1 !!! Couldn't download 'ntp-4.2.8p2-manpages.tar.bz2'. Aborting. * Fetch failed for 'net-misc/ntp-4.2.8_p2', Log file: * '/var/tmp/portage/net-misc/ntp-4.2.8_p2/temp/build.log' >>> Failed to emerge net-misc/ntp-4.2.8_p2 (In reply to cilly from comment #3) uploaded CVE-2015-1799 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1799): The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer. CVE-2015-1798 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2015-1798): The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC. Added to an existing GLSA Request. Maintainer(s), please drop the vulnerable version(s). Maintainer(s), please drop the vulnerable version(s). This issue was resolved and addressed in GLSA 201509-01 at https://security.gentoo.org/glsa/201509-01 by GLSA coordinator Kristian Fiskerstrand (K_F). Re-Opening for Cleanup Maintainer(s), please drop the vulnerable version(s). Arches and Maintainer(s), Thank you for your work. closing |