Vulnerabilities > CVE-2019-8936 - NULL Pointer Dereference vulnerability in multiple products
Attack vector
NETWORK Attack complexity
LOW Privileges required
NONE Confidentiality impact
NONE Integrity impact
NONE Availability impact
HIGH Summary
NTP through 4.2.8p12 has a NULL Pointer Dereference.
Vulnerable Configurations
Part | Description | Count |
---|---|---|
OS | 11 | |
OS | 3 | |
OS | 2 | |
Application | 6 | |
Application | Ntp
| 735 |
Common Weakness Enumeration (CWE)
Nessus
NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1356.NASL description According to the version of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - NTP through 4.2.8p12 has a NULL Pointer Dereference.i1/4^CVE-2019-8936i1/4%0 Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-03-19 modified 2019-05-10 plugin id 124734 published 2019-05-10 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124734 title EulerOS Virtualization 2.5.3 : ntp (EulerOS-SA-2019-1356) NASL family Amazon Linux Local Security Checks NASL id ALA_ALAS-2019-1206.NASL description NTP has a NULL pointer dereference attack in an authenticated mode 6 packet. (CVE-2019-8936) last seen 2020-06-01 modified 2020-06-02 plugin id 125292 published 2019-05-21 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/125292 title Amazon Linux AMI : ntp (ALAS-2019-1206) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1938.NASL description According to the version of the ntp packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 128941 published 2019-09-17 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128941 title EulerOS Virtualization for ARM 64 3.0.2.0 : ntp (EulerOS-SA-2019-1938) NASL family Gentoo Local Security Checks NASL id GENTOO_GLSA-201903-15.NASL description The remote host is affected by the vulnerability described in GLSA-201903-15 (NTP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced below for details. Impact : An attacker could cause a Denial of Service condition, escalate privileges, or remotely execute arbitrary code. Workaround : There is no known workaround at this time. last seen 2020-06-01 modified 2020-06-02 plugin id 122937 published 2019-03-19 reporter This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122937 title GLSA-201903-15 : NTP: Multiple vulnerabilities NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1769.NASL description According to the version of the ntp packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-03 modified 2019-07-25 plugin id 127006 published 2019-07-25 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/127006 title EulerOS 2.0 SP8 : ntp (EulerOS-SA-2019-1769) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2020-1457.NASL description According to the versions of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936) - ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the last seen 2020-04-30 modified 2020-04-16 plugin id 135619 published 2020-04-16 reporter This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/135619 title EulerOS Virtualization 3.0.2.2 : ntp (EulerOS-SA-2020-1457) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-13991-1.NASL description This update for ntp fixes the following issues : Security issue fixed : CVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd (bsc#1128525). Other issues addressed: Make sure that SLE12 version is higher than the one in SLE11 (bsc#1001182). Fixed several bugs in the BANCOMM reclock driver. Fixed ntp_loopfilter.c snprintf compilation warnings. Fixed spurious initgroups() error message. Fixed STA_NANO struct timex units. Fixed GPS week rollover in libparse. Fixed incorrect poll interval in packet. Added a missing check for ENABLE_CMAC. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 123454 published 2019-03-28 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123454 title SUSE SLES11 Security Update : ntp (SUSE-SU-2019:13991-1) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-0775-1.NASL description This update for ntp fixes the following issues : Security issue fixed : CVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd (bsc#1128525). Other issues addressed: Fixed several bugs in the BANCOMM reclock driver. Fixed ntp_loopfilter.c snprintf compilation warnings. Fixed spurious initgroups() error message. Fixed STA_NANO struct timex units. Fixed GPS week rollover in libparse. Fixed incorrect poll interval in packet. Added a missing check for ENABLE_CMAC. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 123449 published 2019-03-28 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123449 title SUSE SLES12 Security Update : ntp (SUSE-SU-2019:0775-1) NASL family FreeBSD Local Security Checks NASL id FREEBSD_PKG_C2576E1436E211E99EDA206A8A720317.NASL description Network Time Foundation reports : A crafted malicious authenticated mode 6 (ntpq) packet from a permitted network address can trigger a NULL pointer dereference, crashing ntpd. Note that for this attack to work, the sending system must be on an address that the target last seen 2020-04-30 modified 2019-03-08 plugin id 122685 published 2019-03-08 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122685 title FreeBSD : ntp -- Crafted null dereference attack from a trusted source with an authenticated mode 6 packet (c2576e14-36e2-11e9-9eda-206a8a720317) NASL family Misc. NASL id NTP_4_2_8P13.NASL description The version of the remote NTP server is 4.x prior to 4.2.8p13, or is 4.3.x prior to 4.3.94. It is, therefore, affected by a denial of service vulnerability due to a flaw in handling authenticated mode 6 traffic. An authenticated attacker can exploit this issue to cause application crashes. Note that Nessus has not tested for this issue but has instead relied only on the application last seen 2020-04-30 modified 2019-03-12 plugin id 122777 published 2019-03-12 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122777 title Network Time Protocol Daemon (ntpd) 4.x < 4.2.8p13 / 4.3.x < 4.3.94 DoS NASL family Fedora Local Security Checks NASL id FEDORA_2019-B0C7F0D94A.NASL description Security fix for CVE-2019-8936 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 124532 published 2019-05-02 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/124532 title Fedora 30 : ntp (2019-b0c7f0d94a) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1878.NASL description According to the version of the ntp packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-08 modified 2019-09-16 plugin id 128801 published 2019-09-16 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128801 title EulerOS 2.0 SP5 : ntp (EulerOS-SA-2019-1878) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-0777-1.NASL description This update for ntp fixes the following issues : Security issue fixed : CVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd (bsc#1128525). Other issues addressed: Fixed several bugs in the BANCOMM reclock driver. Fixed ntp_loopfilter.c snprintf compilation warnings. Fixed spurious initgroups() error message. Fixed STA_NANO struct timex units. Fixed GPS week rollover in libparse. Fixed incorrect poll interval in packet. Added a missing check for ENABLE_CMAC. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 123451 published 2019-03-28 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123451 title SUSE SLED15 / SLES15 Security Update : ntp (SUSE-SU-2019:0777-1) NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-1143.NASL description This update for ntp fixes the following issues : Security issue fixed: 	 - CVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd (bsc#1128525). Other issues addressed : - Fixed several bugs in the BANCOMM reclock driver. - Fixed ntp_loopfilter.c snprintf compilation warnings. - Fixed spurious initgroups() error message. - Fixed STA_NANO struct timex units. - Fixed GPS week rollover in libparse. - Fixed incorrect poll interval in packet. - Added a missing check for ENABLE_CMAC. This update was imported from the SUSE:SLE-15:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 123773 published 2019-04-05 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123773 title openSUSE Security Update : ntp (openSUSE-2019-1143) NASL family SuSE Local Security Checks NASL id SUSE_SU-2019-0789-1.NASL description This update for ntp fixes the following issues : Security issue fixed : CVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd (bsc#1128525). Other isses addressed: Fixed an issue which caused openSSL mismatch (bsc#1125401) Fixed several bugs in the BANCOMM reclock driver. Fixed ntp_loopfilter.c snprintf compilation warnings. Fixed spurious initgroups() error message. Fixed STA_NANO struct timex units. Fixed GPS week rollover in libparse. Fixed incorrect poll interval in packet. Added a missing check for ENABLE_CMAC. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-06-01 modified 2020-06-02 plugin id 123500 published 2019-03-29 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123500 title SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2019:0789-1) NASL family SuSE Local Security Checks NASL id OPENSUSE-2019-1158.NASL description This update for ntp fixes the following issues : Security issue fixed: 	 - CVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd (bsc#1128525). Other isses addressed : - Fixed an issue which caused openSSL mismatch (bsc#1125401) - Fixed several bugs in the BANCOMM reclock driver. - Fixed ntp_loopfilter.c snprintf compilation warnings. - Fixed spurious initgroups() error message. - Fixed STA_NANO struct timex units. - Fixed GPS week rollover in libparse. - Fixed incorrect poll interval in packet. - Added a missing check for ENABLE_CMAC. This update was imported from the SUSE:SLE-12-SP1:Update update project. last seen 2020-06-01 modified 2020-06-02 plugin id 123813 published 2019-04-08 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/123813 title openSUSE Security Update : ntp (openSUSE-2019-1158) NASL family Huawei Local Security Checks NASL id EULEROS_SA-2019-1860.NASL description According to the version of the ntp packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues. last seen 2020-05-08 modified 2019-09-17 plugin id 128912 published 2019-09-17 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128912 title EulerOS 2.0 SP2 : ntp (EulerOS-SA-2019-1860) NASL family PhotonOS Local Security Checks NASL id PHOTONOS_PHSA-2019-3_0-0024_NTP.NASL description An update of the ntp package has been released. last seen 2020-06-01 modified 2020-06-02 plugin id 128156 published 2019-08-26 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/128156 title Photon OS 3.0: Ntp PHSA-2019-3.0-0024 NASL family Slackware Local Security Checks NASL id SLACKWARE_SSA_2019-067-01.NASL description New ntp packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue. last seen 2020-04-30 modified 2019-03-11 plugin id 122740 published 2019-03-11 reporter This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof. source https://www.tenable.com/plugins/nessus/122740 title Slackware 14.0 / 14.1 / 14.2 / current : ntp (SSA:2019-067-01)
References
- http://bugs.ntp.org/show_bug.cgi?id=3565
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00032.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00036.html
- http://packetstormsecurity.com/files/152915/FreeBSD-Security-Advisory-FreeBSD-SA-19-04.ntp.html
- http://support.ntp.org/bin/view/Main/SecurityNotice
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NVS2CSG2TQ663CXOZZUJN4STQPMENNP/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JBGXY7OKWOLT6X6JAPVZRFEP4FLCGGST/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQDNHNYOJK2SRSGO23GQ2RXTOUY2HLNN/
- https://seclists.org/bugtraq/2019/May/39
- https://security.FreeBSD.org/advisories/FreeBSD-SA-19:04.ntp.asc
- https://security.gentoo.org/glsa/201903-15
- https://security.netapp.com/advisory/ntap-20190503-0001/
- https://support.f5.com/csp/article/K61363039
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us
- https://usn.ubuntu.com/4563-1/
- http://bugs.ntp.org/show_bug.cgi?id=3565
- https://usn.ubuntu.com/4563-1/
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbux03962en_us
- https://support.f5.com/csp/article/K61363039
- https://security.netapp.com/advisory/ntap-20190503-0001/
- https://security.gentoo.org/glsa/201903-15
- https://security.FreeBSD.org/advisories/FreeBSD-SA-19:04.ntp.asc
- https://seclists.org/bugtraq/2019/May/39
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/KQDNHNYOJK2SRSGO23GQ2RXTOUY2HLNN/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/JBGXY7OKWOLT6X6JAPVZRFEP4FLCGGST/
- https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/2NVS2CSG2TQ663CXOZZUJN4STQPMENNP/
- http://support.ntp.org/bin/view/Main/SecurityNotice
- http://packetstormsecurity.com/files/152915/FreeBSD-Security-Advisory-FreeBSD-SA-19-04.ntp.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00036.html
- http://lists.opensuse.org/opensuse-security-announce/2019-04/msg00032.html