Protect yourself against future threats.
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 =========================================================================== AUSCERT Security Bulletin ASB-2015.0003 Vulnerabilities have been identified in NTP that is installed with Tenable Appliance. 12 January 2015 =========================================================================== AusCERT Security Bulletin Summary --------------------------------- Product: Tenable Appliance Operating System: Network Appliance Impact/Access: Execute Arbitrary Code/Commands -- Remote/Unauthenticated Access Privileged Data -- Existing Account Denial of Service -- Remote/Unauthenticated Provide Misleading Information -- Existing Account Reduced Security -- Existing Account Resolution: Patch/Upgrade CVE Names: CVE-2014-9296 CVE-2014-9295 CVE-2014-9294 CVE-2014-9293 Member content until: Wednesday, February 11 2015 OVERVIEW Vulnerabilities have been identified in NTP that is installed with Tenable Appliance. [1] IMPACT The vendor has provided the following details regarding this issue: "Some of these issues may allow for remote code execution. The issues include: NTP ntpd/ntp_crypto.c crypto_recv() Function Packet Handling Remote Stack Buffer Overflow NTP ntpd/ntp_control.c configure() Function Packet Handling Remote Stack Buffer Overflow NTP ntpd/ntp_control.c ctl_putdata() Function Packet Handling Remote Stack Buffer Overflow NTP ntp-keygen MD5 Key Generation Weak RNG Seed MitM Issue NTP Weak RSA Key Generation Modulus Unspecified Issue NTP Extension Fields Missing vallen Validation Unspecified Issue NTP Unspecified ::1 Spoofing Source IP ACL Bypass NTP ntp_proto.c receive() Function Error Clause Missing return Statement Unspecified Weakness NTP ntpd/ntp_config.c config_auth() Weak Default Key Generation While the NTP service may allow remote traffic, best practices say that such an appliance should not be Internet accessable. If deployed in accordance with best practices, attacks would have to be conducted from an internal network." [1] MITIGATION The vendor recommends upgrading to the latest version of Tenable Appliance. [1] REFERENCES [1] [R1] NTP Vulnerabilities Affects Tenable Appliance http://www.tenable.com/security/tns-2015-01 AusCERT has made every effort to ensure that the information contained in this document is accurate. However, the decision to use the information described is the responsibility of each user or organisation. The decision to follow or act on information or advice contained in this security bulletin is the responsibility of each user or organisation, and should be considered in accordance with your organisation's site policies and procedures. AusCERT takes no responsibility for consequences which may arise from following or acting on information or advice contained in this security bulletin. =========================================================================== Australian Computer Emergency Response Team The University of Queensland Brisbane Qld 4072 Internet Email: auscert@auscert.org.au Facsimile: (07) 3365 7031 Telephone: (07) 3365 4417 (International: +61 7 3365 4417) AusCERT personnel answer during Queensland business hours which are GMT+10:00 (AEST). On call after hours for member emergencies only. =========================================================================== -----BEGIN PGP SIGNATURE----- Comment: http://www.auscert.org.au/render.html?it=1967 iQIVAwUBVLNfrBLndAQH1ShLAQJ+YQ//XKXiqQRL93zAAkVmgwXzlubaVZsuURlo 761exsM41jQ2emvN1lH/Ft4NUj9o+PZLdBVrWx7IVGZ3fKfacFsvcbGLCDUr8Wrq HUs8UM4j3bkHmKK53R0khcWU3GPf8IQIwWVcX5A2kRpgDtDSXViK4YEzay4zKFA8 lk4XiDRdU+017pLDWrj2hOyPESLFSLOyu19w0byeI8iQRrXXX6FoK1eeoC4OHCQs Rob0qLIHDI+uMeQDiMenQ3rCdao40JTpvWcJaAqNXuklPNt1s87LgoI4dy7+4orm RqwdeqLYcUhRiKsGksqsgZAcxneSdn8rjY5iINLPu9d4fdf3qqs3tNiYzvSvlwIq kQrPOU/QaS8gg/BMTXxDY2nN5Wi7WpnbwaBqCJG8E56TrsEOrGIrtqedVZ2tZvdi SMXKEo//h/PMhRT90MIpdNTNfrHtyvsBJHZdF+ulv0Q9SdIFt+BXUb1PVITTeITB SQC+eYp5DAIjYhcS7IyASK5/FWDN2Gk+QfK2blUn9cPZRQMgdqsfNdGxW9gG35d+ qqQt0+Cp6qquW8QiJiOdLJdFwMbqO6BQDMqQAz3t04dowvvX7z0NJS6cgJgYUq3S eNMuKhQKwgLkP2U02Ej3Gc1H8F5YG2ZdPDpUO/P+jfBDFlvTSXXCZMWoZLFEJLeV TYQGeujj/h4= =fA5i -----END PGP SIGNATURE-----