what you don't know can hurt you
Home Files News &[SERVICES_TAB]About Contact Add New

Mandriva Linux Security Advisory 2009-328

Mandriva Linux Security Advisory 2009-328
Posted Dec 10, 2009
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2009-328 - Robin Park and Dmitri Vinokurov discovered a flaw in the way ntpd handled certain malformed NTP packets. ntpd logged information about all such packets and replied with an NTP packet that was treated as malformed when received by another ntpd. A remote attacker could use this flaw to create an NTP packet reply loop between two ntpd servers via a malformed packet with a spoofed source IP address and port, causing ntpd on those servers to use excessive amounts of CPU time and fill disk space with log messages. This update provides a solution to this vulnerability.

tags | advisory, remote, spoof
systems | linux, mandriva
advisories | CVE-2009-3563
SHA-256 | 04933083a65371fdd2f4b01740b0e330568ee4a0a8655c66a0bda801808d0605

Mandriva Linux Security Advisory 2009-328

Change Mirror Download

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

_______________________________________________________________________

Mandriva Linux Security Advisory MDVSA-2009:328
http://www.mandriva.com/security/
_______________________________________________________________________

Package : ntp
Date : December 8, 2009
Affected: 2008.0, 2009.0, 2009.1, 2010.0, Corporate 3.0, Corporate 4.0,
Enterprise Server 5.0, Multi Network Firewall 2.0
_______________________________________________________________________

Problem Description:

A vulnerability has been found and corrected in ntp:

Robin Park and Dmitri Vinokurov discovered a flaw in the way ntpd
handled certain malformed NTP packets. ntpd logged information about
all such packets and replied with an NTP packet that was treated as
malformed when received by another ntpd. A remote attacker could use
this flaw to create an NTP packet reply loop between two ntpd servers
via a malformed packet with a spoofed source IP address and port,
causing ntpd on those servers to use excessive amounts of CPU time
and fill disk space with log messages (CVE-2009-3563).

This update provides a solution to this vulnerability.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563
_______________________________________________________________________

Updated Packages:

Mandriva Linux 2008.0:
7377623e9f89c5f6f6cc7af577974458 2008.0/i586/ntp-4.2.4-10.3mdv2008.0.i586.rpm
977fdaf289c9eff53fb6d563b8a60ede 2008.0/i586/ntp-client-4.2.4-10.3mdv2008.0.i586.rpm
e2701dc192a578b141f9408d355522b6 2008.0/i586/ntp-doc-4.2.4-10.3mdv2008.0.i586.rpm
167e3a9dbf1bd10fd576e6a91a2cbc10 2008.0/SRPMS/ntp-4.2.4-10.3mdv2008.0.src.rpm

Mandriva Linux 2008.0/X86_64:
4fa28ef04548ded3dc604ea61a671cc5 2008.0/x86_64/ntp-4.2.4-10.3mdv2008.0.x86_64.rpm
b79353be7c2da1fadf3bc55c2c06a6a6 2008.0/x86_64/ntp-client-4.2.4-10.3mdv2008.0.x86_64.rpm
c93dd45fc32ece044874c09aac85ce66 2008.0/x86_64/ntp-doc-4.2.4-10.3mdv2008.0.x86_64.rpm
167e3a9dbf1bd10fd576e6a91a2cbc10 2008.0/SRPMS/ntp-4.2.4-10.3mdv2008.0.src.rpm

Mandriva Linux 2009.0:
6a38837b845970b62520f48273362485 2009.0/i586/ntp-4.2.4-18.5mdv2009.0.i586.rpm
4f9d98a186c4ca4348f8296fde0bf174 2009.0/i586/ntp-client-4.2.4-18.5mdv2009.0.i586.rpm
0ae26de5f1bddba4c2718a55463d94b7 2009.0/i586/ntp-doc-4.2.4-18.5mdv2009.0.i586.rpm
45b55bdbde84289b20e295b9dbf188fb 2009.0/SRPMS/ntp-4.2.4-18.5mdv2009.0.src.rpm

Mandriva Linux 2009.0/X86_64:
e31f3f71e730e5777d9832cd76430b17 2009.0/x86_64/ntp-4.2.4-18.5mdv2009.0.x86_64.rpm
67a998da616d287fe9e15092bbd45ff6 2009.0/x86_64/ntp-client-4.2.4-18.5mdv2009.0.x86_64.rpm
ab02dd7a3457f0ba75248390827c69a4 2009.0/x86_64/ntp-doc-4.2.4-18.5mdv2009.0.x86_64.rpm
45b55bdbde84289b20e295b9dbf188fb 2009.0/SRPMS/ntp-4.2.4-18.5mdv2009.0.src.rpm

Mandriva Linux 2009.1:
b6597f0ee96ec99c7ddbe5e18a588e48 2009.1/i586/ntp-4.2.4-22.3mdv2009.1.i586.rpm
069667f851886c39daa0309a5e920619 2009.1/i586/ntp-client-4.2.4-22.3mdv2009.1.i586.rpm
9d5b87f008f00ad30b3c652e5f62eea2 2009.1/i586/ntp-doc-4.2.4-22.3mdv2009.1.i586.rpm
e2686dd1237f529bb08f2837052fb46f 2009.1/SRPMS/ntp-4.2.4-22.3mdv2009.1.src.rpm

Mandriva Linux 2009.1/X86_64:
e88121b38c942c572b61ba7631130104 2009.1/x86_64/ntp-4.2.4-22.3mdv2009.1.x86_64.rpm
c10eaf7ecbeb3b5db5eac978cb2ae78e 2009.1/x86_64/ntp-client-4.2.4-22.3mdv2009.1.x86_64.rpm
8ff34e79ed1f88fa2e7b7e8030232a30 2009.1/x86_64/ntp-doc-4.2.4-22.3mdv2009.1.x86_64.rpm
e2686dd1237f529bb08f2837052fb46f 2009.1/SRPMS/ntp-4.2.4-22.3mdv2009.1.src.rpm

Mandriva Linux 2010.0:
2913258a9be65654a3ce5e16c1bd5b25 2010.0/i586/ntp-4.2.4-27.1mdv2010.0.i586.rpm
90cf8d7f8fb468461f8b8baf7d97daa4 2010.0/i586/ntp-client-4.2.4-27.1mdv2010.0.i586.rpm
0b8527559ef05049461cea2f5a83bd6d 2010.0/i586/ntp-doc-4.2.4-27.1mdv2010.0.i586.rpm
7bbd4271086ace434dd8a958bc7c2488 2010.0/SRPMS/ntp-4.2.4-27.1mdv2010.0.src.rpm

Mandriva Linux 2010.0/X86_64:
2e938e58d48f3f581ffaab085dacc1f2 2010.0/x86_64/ntp-4.2.4-27.1mdv2010.0.x86_64.rpm
cde3421867c549169751f2964420a578 2010.0/x86_64/ntp-client-4.2.4-27.1mdv2010.0.x86_64.rpm
d9799e7286a49420699d3995e8bc1e47 2010.0/x86_64/ntp-doc-4.2.4-27.1mdv2010.0.x86_64.rpm
7bbd4271086ace434dd8a958bc7c2488 2010.0/SRPMS/ntp-4.2.4-27.1mdv2010.0.src.rpm

Corporate 3.0:
65dda36544e7a43175abfd64aa725b34 corporate/3.0/i586/ntp-4.2.0-2.4.C30mdk.i586.rpm
a485cad0631598335af0e89ea399ff9d corporate/3.0/SRPMS/ntp-4.2.0-2.4.C30mdk.src.rpm

Corporate 3.0/X86_64:
44130a38552f20b3f34d176c47aa5aab corporate/3.0/x86_64/ntp-4.2.0-2.4.C30mdk.x86_64.rpm
a485cad0631598335af0e89ea399ff9d corporate/3.0/SRPMS/ntp-4.2.0-2.4.C30mdk.src.rpm

Corporate 4.0:
a2f5a598865d390f7c537fc9e1a9a758 corporate/4.0/i586/ntp-4.2.0-21.7.20060mlcs4.i586.rpm
f7eb3884bc0aa71f8237d9500d24489e corporate/4.0/i586/ntp-client-4.2.0-21.7.20060mlcs4.i586.rpm
d2ed46d981570f66763f85c822b14179 corporate/4.0/SRPMS/ntp-4.2.0-21.7.20060mlcs4.src.rpm

Corporate 4.0/X86_64:
1bd4395c9c80b583bad4ce5085c0d557 corporate/4.0/x86_64/ntp-4.2.0-21.7.20060mlcs4.x86_64.rpm
95f812f672cf79fccee411154c23d6ee corporate/4.0/x86_64/ntp-client-4.2.0-21.7.20060mlcs4.x86_64.rpm
d2ed46d981570f66763f85c822b14179 corporate/4.0/SRPMS/ntp-4.2.0-21.7.20060mlcs4.src.rpm

Mandriva Enterprise Server 5:
16e3975f3e4bb9a830eb1e8166f2fec7 mes5/i586/ntp-4.2.4-18.5mdvmes5.i586.rpm
2af9623d6f3685d54dd4db31f9622f7a mes5/i586/ntp-client-4.2.4-18.5mdvmes5.i586.rpm
5abb771d456b4094d123c5cf24701aee mes5/i586/ntp-doc-4.2.4-18.5mdvmes5.i586.rpm
086a05988392a6602c023f4e453bcc32 mes5/SRPMS/ntp-4.2.4-18.5mdvmes5.src.rpm

Mandriva Enterprise Server 5/X86_64:
9b40b186bf9ebeb70c1350f9a158ac92 mes5/x86_64/ntp-4.2.4-18.5mdvmes5.x86_64.rpm
f4a42229dc9b408b04f0c83aa3a25720 mes5/x86_64/ntp-client-4.2.4-18.5mdvmes5.x86_64.rpm
2022447e5d9dbf6ee1a6e594935b1d04 mes5/x86_64/ntp-doc-4.2.4-18.5mdvmes5.x86_64.rpm
086a05988392a6602c023f4e453bcc32 mes5/SRPMS/ntp-4.2.4-18.5mdvmes5.src.rpm

Multi Network Firewall 2.0:
56a2596fd513295f0700508c08a6a3da mnf/2.0/i586/ntp-4.2.0-2.4.C30mdk.i586.rpm
f8218643f02c3168e0331852630835a0 mnf/2.0/SRPMS/ntp-4.2.0-2.4.C30mdk.src.rpm
_______________________________________________________________________

To upgrade automatically use MandrivaUpdate or urpmi. The verification
of md5 checksums and GPG signatures is performed automatically for you.

All packages are signed by Mandriva for security. You can obtain the
GPG public key of the Mandriva Security Team by executing:

gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

You can view other update advisories for Mandriva Linux at:

http://www.mandriva.com/security/advisories

If you want to report vulnerabilities, please contact

security_(at)_mandriva.com
_______________________________________________________________________

Type Bits/KeyID Date User ID
pub 1024D/22458A98 2000-07-10 Mandriva Security Team
<security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.9 (GNU/Linux)

iD8DBQFLHtsAmqjQ0CJFipgRAi1pAKDUH87qI312n3XHGnl4TgVNC+IuvACbBhUw
nLO5FqSyfvZaqSNZ93vTSUw=
=XCg1
-----END PGP SIGNATURE-----
Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close