what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Cisco Security Advisory 20151021-ntp

Cisco Security Advisory 20151021-ntp
Posted Oct 21, 2015
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time.

tags | advisory, remote, denial of service, vulnerability, protocol, info disclosure
systems | cisco
advisories | CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7705, CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851, CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855, CVE-2015-7871
SHA-256 | 6ebc284ba57243b45f2bce8db6f2a2f67c881ca4c1e93c7fa6a8b5eff989e55a

Cisco Security Advisory 20151021-ntp

Change Mirror Download
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015

Advisory ID: cisco-sa-20151021-ntp

Version 1.0: Interim

For Public Release 2015 October 21 23:00 UTC (GMT)

+---------------------------------------------------------------------

Summary
=======

Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server.

On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows:

CVE-2015-7691 - Denial of Service AutoKey Malicious Message
CVE-2015-7692 - Denial of Service AutoKey Malicious Message
CVE-2015-7701 - Denial of Service CRYPTO_ASSOC Memory Leak
CVE-2015-7702 - Denial of Service AutoKey Malicious Message
CVE-2015-7703 - Configuration Directive File Overwrite Vulnerability
CVE-2015-7704 - Denial of Service by Spoofed Kiss-o'-Death
CVE-2015-7705 - Denial of Service by Priming the Pump
CVE-2015-7848 - Network Time Protocol ntpd multiple integer overflow read access violations
CVE-2015-7849 - Network Time Protocol Trusted Keys Memory Corruption Vulnerability
CVE-2015-7850 - Network Time Protocol Remote Configuration Denial of Service Vulnerability
CVE-2015-7851 - Network Time Protocol ntpd saveconfig Directory Traversal Vulnerability
CVE-2015-7852 - Network Time Protocol ntpq atoascii Memory Corruption Vulnerability
CVE-2015-7853 - Network Time Protocol Reference Clock Memory Corruption Vulnerability
CVE-2015-7854 - Network Time Protocol Password Length Memory Corruption Vulnerability
CVE-2015-7855 - Denial of Service Long Control Packet Message
CVE-2015-7871 - NAK to the Future: NTP Symmetric Association Authentication Bypass Vulnerability

Additional details on each of the vulnerabilities can be found at the following links:

Official Security Advisory from ntp.org: http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities
Boston University: http://www.cs.bu.edu/~goldbe/NTPattack.html
Cisco TALOS: http://talosintel.com/vulnerability-reports/

Cisco will release software updates that address these vulnerabilities.

Workarounds that mitigate one or more of the vulnerabilities may be available for certain products, please see the individual Cisco Bug IDs for details.

This advisory is available at the following link:
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp

-----BEGIN PGP SIGNATURE-----
Comment: GPGTools - http://gpgtools.org

iQIcBAEBCAAGBQJWKD7JAAoJEIpI1I6i1Mx3IkQP/2aE4lwydg/U8+iPTaHddTzl
XkkpY5ElrKXZ7v2eEPOEGDiH8sVAH/bV2vlfaoglLWu8eCBKncwqltEYQBKY3WmY
eDKxqcN0uXu3lZ6pgiscYiGVySmP2uAvYcIyz/LEfXh9YoWIQFuZdu1lQU7+2Npq
ZnLXwu6jUu5w3FBeOwnzX8tgpPFVUeKyF4h2huQkr/s4J48SXopMcVHHQmbY8Gay
FNroabYYrWjEdMIcWwMG2hQGLgF2IEjQzrzKBoge0dPdyRNb3MBLdAPY0nU0hgCd
I/VOArDynjbH659u+7Qk6qJYGsL7QvX/+7QhitHyqCiGBlCWZCFsYZoFN6BbhDS5
BaJDc/9EPrlzixMrZ0kxqEdrMfhg+JaEUNzwXDBVIuiswTjUAryImQVh3T5gaJYf
8SbpFjWiXrQChPUrLx/alEiUvavcqX192b3fBijgnkoiM7XJWwBBXk+dh4KyjgiG
8HjCCQXcvC+JJ4myPvu1iRIaG4hX2GDtagni0tLaSgqnyPlEmOSxhFuBTWpwWJbq
zRYj+0KQI84B6tReTPt+d+bm7/ZjQu4s+nGzLnJDwmpsSeu5+0zA953uoWCwpnjo
Hwi6reeBa7z+zdXzka3cEtiOVgpKVvhY9j1z1aBEd9EGtxIcolRT89IblT3Ga+z5
inBEFRMskVkLPpyKtE6Y
=3aoR
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

March 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Mar 1st
    16 Files
  • 2
    Mar 2nd
    0 Files
  • 3
    Mar 3rd
    0 Files
  • 4
    Mar 4th
    32 Files
  • 5
    Mar 5th
    28 Files
  • 6
    Mar 6th
    42 Files
  • 7
    Mar 7th
    17 Files
  • 8
    Mar 8th
    13 Files
  • 9
    Mar 9th
    0 Files
  • 10
    Mar 10th
    0 Files
  • 11
    Mar 11th
    15 Files
  • 12
    Mar 12th
    19 Files
  • 13
    Mar 13th
    21 Files
  • 14
    Mar 14th
    38 Files
  • 15
    Mar 15th
    15 Files
  • 16
    Mar 16th
    0 Files
  • 17
    Mar 17th
    0 Files
  • 18
    Mar 18th
    10 Files
  • 19
    Mar 19th
    32 Files
  • 20
    Mar 20th
    46 Files
  • 21
    Mar 21st
    16 Files
  • 22
    Mar 22nd
    13 Files
  • 23
    Mar 23rd
    0 Files
  • 24
    Mar 24th
    0 Files
  • 25
    Mar 25th
    12 Files
  • 26
    Mar 26th
    31 Files
  • 27
    Mar 27th
    19 Files
  • 28
    Mar 28th
    42 Files
  • 29
    Mar 29th
    0 Files
  • 30
    Mar 30th
    0 Files
  • 31
    Mar 31st
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2022 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close