ID

VAR-201703-1146


CVE

CVE-2017-6458


TITLE

NTP  of  ctl_put*  Buffer overflow vulnerability in function

Trust: 0.8

sources: JVNDB: JVNDB-2017-002167

DESCRIPTION

Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable. Pillow is a Python-based image processing library. There is currently no information about this vulnerability, please feel free to follow CNNVD or manufacturer announcements. Attackers can exploit this issue to execute arbitrary code in the context of the affected application. Failed exploit attempts will result in denial-of-service conditions. NTP (Network Time Protocol, Network Time Protocol) is a protocol for synchronizing computer clocks over a network. -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 [slackware-security] ntp (SSA:2017-112-02) New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, 14.2, and -current to fix security issues. Here are the details from the Slackware 14.2 ChangeLog: +--------------------------+ patches/packages/ntp-4.2.8p10-i586-1_slack14.2.txz: Upgraded. In addition to bug fixes and enhancements, this release fixes security issues of medium and low severity: Denial of Service via Malformed Config (Medium) Authenticated DoS via Malicious Config Option (Medium) Potential Overflows in ctl_put() functions (Medium) Buffer Overflow in ntpq when fetching reslist from a malicious ntpd (Medium) 0rigin DoS (Medium) Buffer Overflow in DPTS Clock (Low) Improper use of snprintf() in mx4200_send() (Low) The following issues do not apply to Linux systems: Privileged execution of User Library code (WINDOWS PPSAPI ONLY) (Low) Stack Buffer Overflow from Command Line (WINDOWS installer ONLY) (Low) Data Structure terminated insufficiently (WINDOWS installer ONLY) (Low) For more information, see: https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6464 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6463 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6458 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6460 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9042 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6462 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6451 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6455 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6452 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-6459 (* Security fix *) +--------------------------+ Where to find the new packages: +-----------------------------+ Thanks to the friendly folks at the OSU Open Source Lab (http://osuosl.org) for donating FTP and rsync hosting to the Slackware project! :-) Also see the "Get Slack" section on http://slackware.com for additional mirror sites near you. Updated package for Slackware 13.0: ftp://ftp.slackware.com/pub/slackware/slackware-13.0/patches/packages/ntp-4.2.8p10-i486-1_slack13.0.txz Updated package for Slackware x86_64 13.0: ftp://ftp.slackware.com/pub/slackware/slackware64-13.0/patches/packages/ntp-4.2.8p10-x86_64-1_slack13.0.txz Updated package for Slackware 13.1: ftp://ftp.slackware.com/pub/slackware/slackware-13.1/patches/packages/ntp-4.2.8p10-i486-1_slack13.1.txz Updated package for Slackware x86_64 13.1: ftp://ftp.slackware.com/pub/slackware/slackware64-13.1/patches/packages/ntp-4.2.8p10-x86_64-1_slack13.1.txz Updated package for Slackware 13.37: ftp://ftp.slackware.com/pub/slackware/slackware-13.37/patches/packages/ntp-4.2.8p10-i486-1_slack13.37.txz Updated package for Slackware x86_64 13.37: ftp://ftp.slackware.com/pub/slackware/slackware64-13.37/patches/packages/ntp-4.2.8p10-x86_64-1_slack13.37.txz Updated package for Slackware 14.0: ftp://ftp.slackware.com/pub/slackware/slackware-14.0/patches/packages/ntp-4.2.8p10-i486-1_slack14.0.txz Updated package for Slackware x86_64 14.0: ftp://ftp.slackware.com/pub/slackware/slackware64-14.0/patches/packages/ntp-4.2.8p10-x86_64-1_slack14.0.txz Updated package for Slackware 14.1: ftp://ftp.slackware.com/pub/slackware/slackware-14.1/patches/packages/ntp-4.2.8p10-i486-1_slack14.1.txz Updated package for Slackware x86_64 14.1: ftp://ftp.slackware.com/pub/slackware/slackware64-14.1/patches/packages/ntp-4.2.8p10-x86_64-1_slack14.1.txz Updated package for Slackware 14.2: ftp://ftp.slackware.com/pub/slackware/slackware-14.2/patches/packages/ntp-4.2.8p10-i586-1_slack14.2.txz Updated package for Slackware x86_64 14.2: ftp://ftp.slackware.com/pub/slackware/slackware64-14.2/patches/packages/ntp-4.2.8p10-x86_64-1_slack14.2.txz Updated package for Slackware -current: ftp://ftp.slackware.com/pub/slackware/slackware-current/slackware/n/ntp-4.2.8p10-i586-1.txz Updated package for Slackware x86_64 -current: ftp://ftp.slackware.com/pub/slackware/slackware64-current/slackware64/n/ntp-4.2.8p10-x86_64-1.txz MD5 signatures: +-------------+ Slackware 13.0 package: e3e18355dbb881f31030c325d396691f ntp-4.2.8p10-i486-1_slack13.0.txz Slackware x86_64 13.0 package: 7ca81f398c6f3fc306cf5e0ce4821ff7 ntp-4.2.8p10-x86_64-1_slack13.0.txz Slackware 13.1 package: bb14e63e0ea28856fb14816848fad378 ntp-4.2.8p10-i486-1_slack13.1.txz Slackware x86_64 13.1 package: 77bee4e0b7d7bae54c431210ba7b20f8 ntp-4.2.8p10-x86_64-1_slack13.1.txz Slackware 13.37 package: 4424d362ec1dcb75d35560cc25f291b8 ntp-4.2.8p10-i486-1_slack13.37.txz Slackware x86_64 13.37 package: 94bea621e2bad59b80553a9516c4ddb6 ntp-4.2.8p10-x86_64-1_slack13.37.txz Slackware 14.0 package: b9edb40c9e94a8248b57f96a0f7d0f49 ntp-4.2.8p10-i486-1_slack14.0.txz Slackware x86_64 14.0 package: d8a52549c46ca33833f68d7b063ab1f2 ntp-4.2.8p10-x86_64-1_slack14.0.txz Slackware 14.1 package: b36dd3b339aff2718dbd541a9f44b0a4 ntp-4.2.8p10-i486-1_slack14.1.txz Slackware x86_64 14.1 package: b55bc11c2aa8d0378005af5dbb105119 ntp-4.2.8p10-x86_64-1_slack14.1.txz Slackware 14.2 package: 1e625a8f4732aa776992210eaac05f04 ntp-4.2.8p10-i586-1_slack14.2.txz Slackware x86_64 14.2 package: 22f25f35765d0cb3ece21e5db79091cd ntp-4.2.8p10-x86_64-1_slack14.2.txz Slackware -current package: 78de6454532d6c7d52242eadab528d64 n/ntp-4.2.8p10-i586-1.txz Slackware x86_64 -current package: 0522a4270909826999d07567e9a9de56 n/ntp-4.2.8p10-x86_64-1.txz Installation instructions: +------------------------+ Upgrade the package as root: # upgradepkg ntp-4.2.8p10-i586-1_slack14.2.txz Then, restart the NTP daemon: # sh /etc/rc.d/rc.ntpd restart NOTE: On Slackware -current, first install the new etc package, and then be sure to move the .new config files and rc.ntpd script into place before restarting! +-----+ Slackware Linux Security Team http://slackware.com/gpg-key security@slackware.com +------------------------------------------------------------------------+ | To leave the slackware-security mailing list: | +------------------------------------------------------------------------+ | Send an email to majordomo@slackware.com with this text in the body of | | the email message: | | | | unsubscribe slackware-security | | | | You will get a confirmation message back containing instructions to | | complete the process. Please do not reply to this email address. | +------------------------------------------------------------------------+ -----BEGIN PGP SIGNATURE----- iEYEARECAAYFAlj7hzYACgkQakRjwEAQIjNVhACdF5bLXhg1/7iHS02DHm90m59w Iv8AnR5vpRBWUQDw3267R3QPXEkAnI3f =0ZW2 -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 APPLE-SA-2017-09-25-1 macOS High Sierra 10.13 macOS High Sierra 10.13 is now available and addresses the following: Application Firewall Available for: OS X Lion v10.8 and later Impact: A previously denied application firewall setting may take effect after upgrading Description: An upgrade issue existed in the handling of firewall settings. This issue was addressed through improved handling of firewall settings during upgrades. CVE-2017-7084: an anonymous researcher AppSandbox Available for: OS X Lion v10.8 and later Impact: An application may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-2017-7074: Daniel Jalkut of Red Sweater Software Captive Network Assistant Available for: OS X Lion v10.8 and later Impact: A local user may unknowingly send a password unencrypted over the network Description: The security state of the captive portal browser was not obvious. This issue was addressed with improved visibility of the captive portal browser security state. CVE-2017-7143: an anonymous researcher CFNetwork Proxies Available for: OS X Lion v10.8 and later Impact: An attacker in a privileged network position may be able to cause a denial of service Description: Multiple denial of service issues were addressed through improved memory handling. CVE-2017-7083: Abhinav Bansal of Zscaler Inc. CoreAudio Available for: OS X Lion v10.8 and later Impact: An application may be able to read restricted memory Description: An out-of-bounds read was addressed by updating to Opus version 1.1.4. CVE-2017-0381: V.E.O (@VYSEa) of Mobile Threat Research Team, Trend Micro Directory Utility Available for: OS X Lion v10.8 and later Impact: A local attacker may be able to determine the Apple ID of the owner of the computer Description: A permissions issue existed in the handling of the Apple ID. This issue was addressed with improved access controls. CVE-2017-7138: an anonymous researcher file Available for: OS X Lion v10.8 and later Impact: Multiple issues in file Description: Multiple issues were addressed by updating to version 5.30. CVE-2017-7121: found by OSS-Fuzz CVE-2017-7122: found by OSS-Fuzz CVE-2017-7123: found by OSS-Fuzz CVE-2017-7124: found by OSS-Fuzz CVE-2017-7125: found by OSS-Fuzz CVE-2017-7126: found by OSS-Fuzz Heimdal Available for: OS X Lion v10.8 and later Impact: An attacker in a privileged network position may be able to impersonate a service Description: A validation issue existed in the handling of the KDC- REP service name. This issue was addressed through improved validation. CVE-2017-11103: Jeffrey Altman, Viktor Duchovni, and Nico Williams IOFireWireFamily Available for: OS X Lion v10.8 and later Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7077: Brandon Azad IOFireWireFamily Available for: OS X Lion v10.8 and later Impact: An application may be able to read restricted memory Description: A validation issue was addressed with improved input sanitization. CVE-2017-7119: Xiaolong Bai, Min (Spark) Zheng of Alibaba Inc., Benjamin Gnahm (@mitp0sh) of PDX Kernel Available for: OS X Lion v10.8 and later Impact: An application may be able to execute arbitrary code with kernel privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7114: Alex Plaskett of MWR InfoSecurity libc Available for: OS X Lion v10.8 and later Impact: A remote attacker may be able to cause a denial-of-service Description: A resource exhaustion issue in glob() was addressed through an improved algorithm. CVE-2017-7086: Russ Cox of Google libc Available for: OS X Lion v10.8 and later Impact: An application may be able to cause a denial of service Description: A memory consumption issue was addressed through improved memory handling. CVE-2017-1000373 libexpat Available for: OS X Lion v10.8 and later Impact: Multiple issues in expat Description: Multiple issues were addressed by updating to version 2.2.1 CVE-2016-9063 CVE-2017-9233 Mail Available for: OS X Lion v10.8 and later Impact: The sender of an email may be able to determine the IP address of the recipient Description: Turning off "Load remote content in messages" did not apply to all mailboxes. This issue was addressed with improved setting propagation. CVE-2017-7141: an anonymous researcher Mail Drafts Available for: OS X Lion v10.8 and later Impact: An attacker with a privileged network position may be able to intercept mail contents Description: An encryption issue existed in the handling of mail drafts. This issue was addressed with improved handling of mail drafts meant to be sent encrypted. CVE-2017-7078: an anonymous researcher, an anonymous researcher, an anonymous researcher ntp Available for: OS X Lion v10.8 and later Impact: Multiple issues in ntp Description: Multiple issues were addressed by updating to version 4.2.8p10 CVE-2017-6451: Cure53 CVE-2017-6452: Cure53 CVE-2017-6455: Cure53 CVE-2017-6458: Cure53 CVE-2017-6459: Cure53 CVE-2017-6460: Cure53 CVE-2017-6462: Cure53 CVE-2017-6463: Cure53 CVE-2017-6464: Cure53 CVE-2016-9042: Matthew Van Gundy of Cisco Screen Lock Available for: OS X Lion v10.8 and later Impact: Application Firewall prompts may appear over Login Window Description: A window management issue was addressed through improved state management. CVE-2017-7082: Tim Kingman Security Available for: OS X Lion v10.8 and later Impact: A revoked certificate may be trusted Description: A certificate validation issue existed in the handling of revocation data. This issue was addressed through improved validation. CVE-2017-7080: Sven Driemecker of adesso mobile solutions gmbh, Rune Darrud (@theflyingcorpse) of BA|rum kommune, an anonymous researcher, an anonymous researcher SQLite Available for: OS X Lion v10.8 and later Impact: Multiple issues in SQLite Description: Multiple issues were addressed by updating to version 3.19.3. CVE-2017-10989: found by OSS-Fuzz CVE-2017-7128: found by OSS-Fuzz CVE-2017-7129: found by OSS-Fuzz CVE-2017-7130: found by OSS-Fuzz SQLite Available for: OS X Lion v10.8 and later Impact: An application may be able to execute arbitrary code with system privileges Description: A memory corruption issue was addressed with improved memory handling. CVE-2017-7127: an anonymous researcher WebKit Available for: OS X Lion v10.8 and later Impact: A malicious website may be able to track users in Safari private browsing mode Description: A permissions issue existed in the handling of web browser cookies. This issue was addressed with improved restrictions. CVE-2017-7144: an anonymous researcher zlib Available for: OS X Lion v10.8 and later Impact: Multiple issues in zlib Description: Multiple issues were addressed by updating to version 1.2.11. CVE-2016-9840 CVE-2016-9841 CVE-2016-9842 CVE-2016-9843 Additional recognition Security We would like to acknowledge Abhinav Bansal of Zscaler, Inc. for their assistance. Installation note: macOS 10.13 may be obtained from the Mac App Store or Apple's Software Downloads web site: https://www.apple.com/support/downloads/ Information will also be posted to the Apple Security Updates web site: https://support.apple.com/kb/HT201222 This message is signed with Apple's Product Security PGP key, and details are available at: https://www.apple.com/support/security/pgp/ -----BEGIN PGP SIGNATURE----- Comment: GPGTools - https://gpgtools.org iQIcBAEBCgAGBQJZyUQfAAoJEIOj74w0bLRGmSEP/0wgqASRSNneoBx/AMLk0Qac mZhI8HuyJRTFwCOT7P7vkZTmoxtyOOdh4XaInvKMsW5I2G64YEmW86pcofHwdOTz TSWIAdus34xErUZ13rMzfg8Z3XAberG1E31QU2y2EXenpJSZIL8nzLgt8ySPVyzu PrQJxGxCMq1WAOSemGe+4rK2rMwpw5UDZyTbNPDi6lfKz0ZmtfvBzrgBq2xhA9iF /2NVs5rRog38N6F6xR6GNqi0dVoZmh1umQINh9nzTn8crbSuI3ixRtQYxstxU91/ 0wrgV03YF297n6bwVhawEDPU8obZzFgQRiKOjghE6h4YBVccWxMI9n42PwVc+G/Z X48wuSavpOEV6WEC+hWtALl/W73uH3jF2iK8rPBcDENheRlFi/y5+XeOK8TGJftS 6raj+IgbgERaY3uXcRoi0mLflpzxvGBYlTiJRRj7H7HFZO6v14hYyEMVrWmhFUiZ Xgy/qxHdWd/NW4AZz8Ke+ZMaJr21DozzI8ejug9shD7O/N31ZNq2qsNmxEweCPvt yMauTPAUutApHTEUXfwCdOy+ZGgTtWDnOC+g3ezkAOdigvjFcwlFH0Sbjxnhxbbp LVLz7tHwyKa5Xcwet0ZRH3WCHBsTzzkpsgxoyEMabE2KGS461uZw20t2uZozNsV0 bniy26PJZ5xGrFOSZYUa =wBKW -----END PGP SIGNATURE----- . ========================================================================== Ubuntu Security Notice USN-3349-1 July 05, 2017 ntp vulnerabilities ========================================================================== A security issue affects these releases of Ubuntu and its derivatives: - Ubuntu 17.04 - Ubuntu 16.10 - Ubuntu 16.04 LTS - Ubuntu 14.04 LTS Summary: Several security issues were fixed in NTP. Software Description: - ntp: Network Time Protocol daemon and utility programs Details: Yihan Lian discovered that NTP incorrectly handled certain large request data values. A remote attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2016-2519) Miroslav Lichvar discovered that NTP incorrectly handled certain spoofed addresses when performing rate limiting. A remote attacker could possibly use this issue to perform a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. (CVE-2016-7426) Matthew Van Gundy discovered that NTP incorrectly handled certain crafted broadcast mode packets. A remote attacker could possibly use this issue to perform a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. (CVE-2016-7427, CVE-2016-7428) Miroslav Lichvar discovered that NTP incorrectly handled certain responses. A remote attacker could possibly use this issue to perform a denial of service. This issue only affected Ubuntu 14.04 LTS, Ubuntu 16.04 LTS, and Ubuntu 16.10. (CVE-2016-7429) Sharon Goldberg and Aanchal Malhotra discovered that NTP incorrectly handled origin timestamps of zero. A remote attacker could possibly use this issue to bypass the origin timestamp protection mechanism. This issue only affected Ubuntu 16.10. (CVE-2016-7431) Brian Utterback, Sharon Goldberg and Aanchal Malhotra discovered that NTP incorrectly performed initial sync calculations. This issue only applied to Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-7433) Magnus Stubman discovered that NTP incorrectly handled certain mrulist queries. A remote attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-7434) Matthew Van Gund discovered that NTP incorrectly handled origin timestamp checks. A remote attacker could possibly use this issue to perform a denial of service. This issue only affected Ubuntu Ubuntu 16.10, and Ubuntu 17.04. (CVE-2016-9042) Matthew Van Gundy discovered that NTP incorrectly handled certain control mode packets. A remote attacker could use this issue to set or unset traps. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-9310) Matthew Van Gundy discovered that NTP incorrectly handled the trap service. A remote attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. This issue only applied to Ubuntu 14.04 LTS, Ubuntu 16.04 LTS and Ubuntu 16.10. (CVE-2016-9311) It was discovered that NTP incorrectly handled memory when processing long variables. A remote authenticated user could possibly use this issue to cause NTP to crash, resulting in a denial of service. (CVE-2017-6458) It was discovered that NTP incorrectly handled memory when processing long variables. A remote authenticated user could possibly use this issue to cause NTP to crash, resulting in a denial of service. This issue only applied to Ubuntu 16.04 LTS, Ubuntu 16.10 and Ubuntu 17.04. (CVE-2017-6460) It was discovered that the NTP legacy DPTS refclock driver incorrectly handled the /dev/datum device. A local attacker could possibly use this issue to cause a denial of service. (CVE-2017-6462) It was discovered that NTP incorrectly handled certain invalid settings in a :config directive. A remote authenticated user could possibly use this issue to cause NTP to crash, resulting in a denial of service. (CVE-2017-6463) It was discovered that NTP incorrectly handled certain invalid mode configuration directives. A remote authenticated user could possibly use this issue to cause NTP to crash, resulting in a denial of service. (CVE-2017-6464) Update instructions: The problem can be corrected by updating your system to the following package versions: Ubuntu 17.04: ntp 1:4.2.8p9+dfsg-2ubuntu1.1 Ubuntu 16.10: ntp 1:4.2.8p8+dfsg-1ubuntu2.1 Ubuntu 16.04 LTS: ntp 1:4.2.8p4+dfsg-3ubuntu5.5 Ubuntu 14.04 LTS: ntp 1:4.2.6.p5+dfsg-3ubuntu2.14.04.11 In general, a standard system update will make all the necessary changes. References: https://www.ubuntu.com/usn/usn-3349-1 CVE-2016-2519, CVE-2016-7426, CVE-2016-7427, CVE-2016-7428, CVE-2016-7429, CVE-2016-7431, CVE-2016-7433, CVE-2016-7434, CVE-2016-9042, CVE-2016-9310, CVE-2016-9311, CVE-2017-6458, CVE-2017-6460, CVE-2017-6462, CVE-2017-6463, CVE-2017-6464 Package Information: https://launchpad.net/ubuntu/+source/ntp/1:4.2.8p9+dfsg-2ubuntu1.1 https://launchpad.net/ubuntu/+source/ntp/1:4.2.8p8+dfsg-1ubuntu2.1 https://launchpad.net/ubuntu/+source/ntp/1:4.2.8p4+dfsg-3ubuntu5.5 https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu2.14.04.11

Trust: 2.88

sources: NVD: CVE-2017-6458 // JVNDB: JVNDB-2017-002167 // CNNVD: CNNVD-202104-975 // BID: 97051 // VULHUB: VHN-114661 // VULMON: CVE-2017-6458 // PACKETSTORM: 142284 // PACKETSTORM: 144366 // PACKETSTORM: 143259

AFFECTED PRODUCTS

vendor:ntpmodel:ntpscope:eqversion:4.2.8

Trust: 1.3

vendor:siemensmodel:simatic net cp 443-1 opc uascope:eqversion:*

Trust: 1.0

vendor:ntpmodel:ntpscope:gteversion:4.3.0

Trust: 1.0

vendor:hpemodel:hpux-ntpscope:ltversion:c.4.2.8.4.0

Trust: 1.0

vendor:applemodel:mac os xscope:gteversion:10.8.0

Trust: 1.0

vendor:applemodel:mac os xscope:ltversion:10.13

Trust: 1.0

vendor:ntpmodel:ntpscope:ltversion:4.3.94

Trust: 1.0

vendor:ntpmodel:ntpscope:ltversion:4.2.8

Trust: 1.0

vendor:ntpmodel:ntpscope:eqversion:4.3.94

Trust: 0.8

vendor:ntpmodel:ntpscope:eqversion:4.2.8p10

Trust: 0.8

vendor:ntpmodel:ntpscope:ltversion:4.3.x

Trust: 0.8

vendor:ntpmodel:ntpscope:eqversion: -

Trust: 0.8

vendor:ntpmodel:ntpscope:eqversion:4.3.43

Trust: 0.6

vendor:ntpmodel:ntpscope:eqversion:4.3.46

Trust: 0.6

vendor:ntpmodel:ntpscope:eqversion:4.3.14

Trust: 0.6

vendor:ntpmodel:ntpscope:eqversion:4.3.44

Trust: 0.6

vendor:ntpmodel:ntpscope:eqversion:4.3.15

Trust: 0.6

vendor:ntpmodel:ntpscope:eqversion:4.3.45

Trust: 0.6

vendor:ntpmodel:ntpscope:eqversion:4.3.16

Trust: 0.6

vendor:ntpmodel:ntpscope:eqversion:4.3.47

Trust: 0.6

vendor:ntpmodel:ntpscope:eqversion:4.3.18

Trust: 0.6

vendor:ntpmodel:ntpscope:eqversion:4.3.17

Trust: 0.6

vendor:ubuntumodel:linuxscope:eqversion:17.04

Trust: 0.3

vendor:ubuntumodel:linuxscope:eqversion:16.10

Trust: 0.3

vendor:ubuntumodel:linux ltsscope:eqversion:16.04

Trust: 0.3

vendor:ubuntumodel:linux ltsscope:eqversion:14.04

Trust: 0.3

vendor:redhatmodel:enterprise linuxscope:eqversion:7

Trust: 0.3

vendor:redhatmodel:enterprise linuxscope:eqversion:6

Trust: 0.3

vendor:redhatmodel:enterprise linuxscope:eqversion:5

Trust: 0.3

vendor:ntpmodel:ntpdscope:eqversion:4.3

Trust: 0.3

vendor:ntpmodel:ntpdscope:eqversion:4.2

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.3.90

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.3.25

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.3

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.2.6

Trust: 0.3

vendor:ntpmodel:p74scope:eqversion:4.2.5

Trust: 0.3

vendor:ntpmodel:p153scope:eqversion:4.2.5

Trust: 0.3

vendor:ntpmodel:p150scope:eqversion:4.2.5

Trust: 0.3

vendor:ntpmodel:p8scope:eqversion:4.2.4

Trust: 0.3

vendor:ntpmodel:p7scope:eqversion:4.2.4

Trust: 0.3

vendor:ntpmodel:p6scope:eqversion:4.2.4

Trust: 0.3

vendor:ntpmodel:p5scope:eqversion:4.2.4

Trust: 0.3

vendor:ntpmodel:p4scope:eqversion:4.2.4

Trust: 0.3

vendor:ntpmodel:p4scope:eqversion:4.2.2

Trust: 0.3

vendor:ntpmodel:p1scope:eqversion:4.2.2

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.3.93

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.3.92

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.3.77

Trust: 0.3

vendor:ntpmodel:ntpscope:eqversion:4.3.70

Trust: 0.3

vendor:ntpmodel:4.2.8p9scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.8p8scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.8p7scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.8p6scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.8p5scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.8p4scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.8p3-rc1scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.8p3scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.8p2scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.8p1scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.7p385scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.7p366scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.7p22scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.7p111scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.7p11scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.5p3scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.5p203scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.5p186scope: - version: -

Trust: 0.3

vendor:ntpmodel:4.2.0.ascope: - version: -

Trust: 0.3

vendor:ibmmodel:viosscope:eqversion:2.2

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:7.1.2

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:7.1

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:6.1

Trust: 0.3

vendor:ibmmodel:aixscope:eqversion:5.3

Trust: 0.3

vendor:ntpmodel:ntpscope:neversion:4.3.94

Trust: 0.3

vendor:ntpmodel:4.2.8p10scope:neversion: -

Trust: 0.3

sources: BID: 97051 // JVNDB: JVNDB-2017-002167 // CNNVD: CNNVD-201703-105 // NVD: CVE-2017-6458

CVSS

SEVERITY

CVSSV2

CVSSV3

nvd@nist.gov: CVE-2017-6458
value: HIGH

Trust: 1.0

NVD: CVE-2017-6458
value: HIGH

Trust: 0.8

CNNVD: CNNVD-202104-975
value: MEDIUM

Trust: 0.6

CNNVD: CNNVD-201703-105
value: HIGH

Trust: 0.6

VULHUB: VHN-114661
value: MEDIUM

Trust: 0.1

VULMON: CVE-2017-6458
value: MEDIUM

Trust: 0.1

nvd@nist.gov: CVE-2017-6458
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 1.9

VULHUB: VHN-114661
severity: MEDIUM
baseScore: 6.5
vectorString: AV:N/AC:L/AU:S/C:P/I:P/A:P
accessVector: NETWORK
accessComplexity: LOW
authentication: SINGLE
confidentialityImpact: PARTIAL
integrityImpact: PARTIAL
availabilityImpact: PARTIAL
exploitabilityScore: 8.0
impactScore: 6.4
acInsufInfo: NONE
obtainAllPrivilege: NONE
obtainUserPrivilege: NONE
obtainOtherPrivilege: NONE
userInteractionRequired: NONE
version: 2.0

Trust: 0.1

nvd@nist.gov: CVE-2017-6458
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: 2.8
impactScore: 5.9
version: 3.1

Trust: 1.0

NVD: CVE-2017-6458
baseSeverity: HIGH
baseScore: 8.8
vectorString: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
attackVector: NETWORK
attackComplexity: LOW
privilegesRequired: LOW
userInteraction: NONE
scope: UNCHANGED
confidentialityImpact: HIGH
integrityImpact: HIGH
availabilityImpact: HIGH
exploitabilityScore: NONE
impactScore: NONE
version: 3.0

Trust: 0.8

sources: VULHUB: VHN-114661 // VULMON: CVE-2017-6458 // JVNDB: JVNDB-2017-002167 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-201703-105 // NVD: CVE-2017-6458

PROBLEMTYPE DATA

problemtype:CWE-119

Trust: 1.1

problemtype:Buffer error (CWE-119) [NVD Evaluation ]

Trust: 0.8

sources: VULHUB: VHN-114661 // JVNDB: JVNDB-2017-002167 // NVD: CVE-2017-6458

THREAT TYPE

remote

Trust: 0.7

sources: PACKETSTORM: 143259 // CNNVD: CNNVD-201703-105

TYPE

other

Trust: 0.6

sources: CNNVD: CNNVD-202104-975

PATCH

title:March 2017 ntp-4.2.8p10 NTP Security Vulnerability Announcement Security Noticeurl:http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu

Trust: 0.8

title:NTP Buffer error vulnerability fixurl:http://www.cnnvd.org.cn/web/xxk/bdxqById.tag?id=153316

Trust: 0.6

title:Amazon Linux AMI: ALAS-2017-816url:https://vulmon.com/vendoradvisory?qidtp=amazon_linux_ami&qid=ALAS-2017-816

Trust: 0.1

title:Brocade Security Advisories: BSA-2017-294url:https://vulmon.com/vendoradvisory?qidtp=brocade_security_advisories&qid=c22fec7facdf174a5842c3aff3523288

Trust: 0.1

title:Ubuntu Security Notice: ntp vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice&qid=USN-3349-1

Trust: 0.1

title:Apple: macOS High Sierra 10.13url:https://vulmon.com/vendoradvisory?qidtp=apple_security_advisories&qid=dc5ef303c64758e2c6d76a32028764e1

Trust: 0.1

title:Symantec Security Advisories: SA147 : March 2017 NTP Security Vulnerabilitiesurl:https://vulmon.com/vendoradvisory?qidtp=symantec_security_advisories&qid=7d6a7035af520037b0eb5fc69b3c488f

Trust: 0.1

title:Siemens Security Advisories: Siemens Security Advisoryurl:https://vulmon.com/vendoradvisory?qidtp=siemens_security_advisories&qid=85311fa037162a48cd67fd63f52a6478

Trust: 0.1

title:Oracle Solaris Third Party Bulletins: Oracle Solaris Third Party Bulletin - April 2017url:https://vulmon.com/vendoradvisory?qidtp=oracle_solaris_third_party_bulletins&qid=a31bff03e9909229fd67996884614fdf

Trust: 0.1

sources: VULMON: CVE-2017-6458 // JVNDB: JVNDB-2017-002167 // CNNVD: CNNVD-201703-105

EXTERNAL IDS

db:NVDid:CVE-2017-6458

Trust: 3.2

db:BIDid:97051

Trust: 2.1

db:SECTRACKid:1038123

Trust: 1.8

db:SIEMENSid:SSA-211752

Trust: 1.8

db:ICS CERTid:ICSA-21-159-11

Trust: 1.7

db:PACKETSTORMid:142284

Trust: 1.2

db:JVNid:JVNVU95781418

Trust: 0.8

db:JVNid:JVNVU95549222

Trust: 0.8

db:JVNDBid:JVNDB-2017-002167

Trust: 0.8

db:CNNVDid:CNNVD-201703-105

Trust: 0.7

db:CS-HELPid:SB2021041363

Trust: 0.6

db:CNNVDid:CNNVD-202104-975

Trust: 0.6

db:CS-HELPid:SB2021061008

Trust: 0.6

db:VULHUBid:VHN-114661

Trust: 0.1

db:VULMONid:CVE-2017-6458

Trust: 0.1

db:PACKETSTORMid:144366

Trust: 0.1

db:PACKETSTORMid:143259

Trust: 0.1

sources: VULHUB: VHN-114661 // VULMON: CVE-2017-6458 // BID: 97051 // JVNDB: JVNDB-2017-002167 // PACKETSTORM: 142284 // PACKETSTORM: 144366 // PACKETSTORM: 143259 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-201703-105 // NVD: CVE-2017-6458

REFERENCES

url:http://support.ntp.org/bin/view/main/ntpbug3379

Trust: 2.1

url:http://www.securityfocus.com/bid/97051

Trust: 1.9

url:http://support.ntp.org/bin/view/main/securitynotice#march_2017_ntp_4_2_8p10_ntp_secu

Trust: 1.8

url:https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf

Trust: 1.8

url:https://support.apple.com/ht208144

Trust: 1.8

url:http://www.securitytracker.com/id/1038123

Trust: 1.8

url:https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11

Trust: 1.7

url:https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbux03962en_us

Trust: 1.7

url:http://www.ubuntu.com/usn/usn-3349-1

Trust: 1.2

url:http://www.securityfocus.com/archive/1/archive/1/540464/100/0/threaded

Trust: 1.1

url:https://bto.bluecoat.com/security-advisory/sa147

Trust: 1.1

url:https://support.apple.com/kb/ht208144

Trust: 1.1

url:https://support.f5.com/csp/article/k99254031

Trust: 1.1

url:https://www.broadcom.com/support/fibre-channel-networking/security-advisories/brocade-security-advisory-2017-294/

Trust: 1.1

url:http://seclists.org/fulldisclosure/2017/sep/62

Trust: 1.1

url:http://seclists.org/fulldisclosure/2017/nov/7

Trust: 1.1

url:http://packetstormsecurity.com/files/142284/slackware-security-advisory-ntp-updates.html

Trust: 1.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-6458

Trust: 1.1

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/4b7bmvxv53ee7xyw2kavetdhtp452o3z/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/7kvlfa3j43qfip4i7he7kq5fxsmjekc6/

Trust: 1.0

url:https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/zuppicjxwl3awqb7i3awuc74yon7uing/

Trust: 1.0

url:http://jvn.jp/vu/jvnvu95549222/index.html

Trust: 0.8

url:https://jvn.jp/vu/jvnvu95781418/index.html

Trust: 0.8

url:https://www.cybersecurity-help.cz/vdb/sb2021041363

Trust: 0.6

url:https://www.cybersecurity-help.cz/vdb/sb2021061008

Trust: 0.6

url:http://www.ntp.org/

Trust: 0.3

url:https://bugzilla.redhat.com/show_bug.cgi?id=cve-2017-6458

Trust: 0.3

url:http://aix.software.ibm.com/aix/efixes/security/ntp_advisory9.asc

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2017-6460

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2016-9042

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2017-6463

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2017-6462

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2017-6464

Trust: 0.3

url:https://nvd.nist.gov/vuln/detail/cve-2017-6451

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2017-6459

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2017-6455

Trust: 0.2

url:https://nvd.nist.gov/vuln/detail/cve-2017-6452

Trust: 0.2

url:https://support.hpe.com/hpsc/doc/public/display?doclocale=en_us&docid=emr_na-hpesbux03962en_us

Trust: 0.1

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/7kvlfa3j43qfip4i7he7kq5fxsmjekc6/

Trust: 0.1

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/4b7bmvxv53ee7xyw2kavetdhtp452o3z/

Trust: 0.1

url:https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/zuppicjxwl3awqb7i3awuc74yon7uing/

Trust: 0.1

url:https://cwe.mitre.org/data/definitions/119.html

Trust: 0.1

url:https://nvd.nist.gov

Trust: 0.1

url:https://alas.aws.amazon.com/alas-2017-816.html

Trust: 0.1

url:https://usn.ubuntu.com/3349-1/

Trust: 0.1

url:http://slackware.com

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6452

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6464

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6451

Trust: 0.1

url:http://slackware.com/gpg-key

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6459

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6462

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6458

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2016-9042

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6463

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6455

Trust: 0.1

url:http://osuosl.org)

Trust: 0.1

url:https://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2017-6460

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-7114

Trust: 0.1

url:https://support.apple.com/kb/ht201222

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-10989

Trust: 0.1

url:https://gpgtools.org

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-7080

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-7078

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-0381

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-7077

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-9842

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-1000373

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-7083

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-7074

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-11103

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-7082

Trust: 0.1

url:https://www.apple.com/support/security/pgp/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-9840

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-7084

Trust: 0.1

url:https://www.apple.com/support/downloads/

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-9063

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-9841

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2017-7086

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-9843

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-7431

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-9311

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-7429

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-9310

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-2519

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/ntp/1:4.2.8p9+dfsg-2ubuntu1.1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-7428

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-7434

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/ntp/1:4.2.8p8+dfsg-1ubuntu2.1

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-7427

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/ntp/1:4.2.6.p5+dfsg-3ubuntu2.14.04.11

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-7426

Trust: 0.1

url:https://launchpad.net/ubuntu/+source/ntp/1:4.2.8p4+dfsg-3ubuntu5.5

Trust: 0.1

url:https://nvd.nist.gov/vuln/detail/cve-2016-7433

Trust: 0.1

sources: VULHUB: VHN-114661 // VULMON: CVE-2017-6458 // BID: 97051 // JVNDB: JVNDB-2017-002167 // PACKETSTORM: 142284 // PACKETSTORM: 144366 // PACKETSTORM: 143259 // CNNVD: CNNVD-202104-975 // CNNVD: CNNVD-201703-105 // NVD: CVE-2017-6458

CREDITS

Siemens reported these vulnerabilities to CISA.

Trust: 0.6

sources: CNNVD: CNNVD-201703-105

SOURCES

db:VULHUBid:VHN-114661
db:VULMONid:CVE-2017-6458
db:BIDid:97051
db:JVNDBid:JVNDB-2017-002167
db:PACKETSTORMid:142284
db:PACKETSTORMid:144366
db:PACKETSTORMid:143259
db:CNNVDid:CNNVD-202104-975
db:CNNVDid:CNNVD-201703-105
db:NVDid:CVE-2017-6458

LAST UPDATE DATE

2024-08-14T12:47:51.793000+00:00


SOURCES UPDATE DATE

db:VULHUBid:VHN-114661date:2021-07-12T00:00:00
db:VULMONid:CVE-2017-6458date:2021-07-12T00:00:00
db:BIDid:97051date:2017-07-13T19:06:00
db:JVNDBid:JVNDB-2017-002167date:2021-06-10T09:10:00
db:CNNVDid:CNNVD-202104-975date:2021-04-14T00:00:00
db:CNNVDid:CNNVD-201703-105date:2021-06-11T00:00:00
db:NVDid:CVE-2017-6458date:2023-11-07T02:49:55.337

SOURCES RELEASE DATE

db:VULHUBid:VHN-114661date:2017-03-27T00:00:00
db:VULMONid:CVE-2017-6458date:2017-03-27T00:00:00
db:BIDid:97051date:2017-03-21T00:00:00
db:JVNDBid:JVNDB-2017-002167date:2017-03-31T00:00:00
db:PACKETSTORMid:142284date:2017-04-24T22:23:00
db:PACKETSTORMid:144366date:2017-09-28T00:13:55
db:PACKETSTORMid:143259date:2017-07-06T20:21:00
db:CNNVDid:CNNVD-202104-975date:2021-04-13T00:00:00
db:CNNVDid:CNNVD-201703-105date:2017-03-06T00:00:00
db:NVDid:CVE-2017-6458date:2017-03-27T17:59:00.633