Vulnerabilities > CVE-2019-8936 - NULL Pointer Dereference vulnerability in multiple products

CVSS 7.5 - HIGH

Attack vector

NETWORK

Attack complexity

LOW

Privileges required

NONE

Confidentiality impact

NONE

Integrity impact

NONE

Availability impact

HIGH

network

low complexity

nessus

NVD

Published: 2019-05-15

Updated: 2023-11-07

Summary

NTP through 4.2.8p12 has a NULL Pointer Dereference.

Vulnerable Configurations

Part	Description	Count
OS	Netapp Netapp Data Ontap - Netapp Clustered Data Ontap - Netapp Clustered Data Ontap 8.2 Netapp Clustered Data Ontap 8.3 Netapp Clustered Data Ontap 9.0 Netapp Clustered Data Ontap 9.1	11
OS	Fedoraproject Fedoraproject Fedora 28 Fedoraproject Fedora 29 Fedoraproject Fedora 30	3
OS	Opensuse Opensuse Leap 42.3 Opensuse Leap 15.0	2
Application	Hpe HPE Hpux NTP - HPE Hpux NTP B.11.31 HPE Hpux NTP C.4.2.8.0.0 HPE Hpux NTP C.4.2.8.1.0 HPE Hpux NTP C.4.2.8.2.0 HPE Hpux NTP C.4.2.8.3.0	6
Application	Ntp NTP NTP 4.2.8 NTP NTP - NTP NTP 4.0 NTP NTP 4.0.72 NTP NTP 4.0.73 NTP NTP 4.0.90 NTP NTP 4.0.91 NTP NTP 4.0.92 NTP NTP 4.0.93 NTP NTP 4.0.94 NTP NTP 4.0.95 NTP NTP 4.0.96 NTP NTP 4.0.97 NTP NTP 4.0.98 NTP NTP 4.0.99 NTP NTP 4.1.0 NTP NTP 4.1.2 NTP NTP 4.2.0 NTP NTP 4.2.2 NTP NTP 4.2.4 NTP NTP 4.2.5 NTP NTP 4.2.6 NTP NTP 4.2.7 NTP NTP 4.2.7P444	718

Common Weakness Enumeration (CWE)

CWE-476 - NULL Pointer Dereference

Nessus

NASL family	Huawei Local Security Checks
NASL id	EULEROS_SA-2019-1356.NASL
description	According to the version of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerability : - NTP through 4.2.8p12 has a NULL Pointer Dereference.i1/4^CVE-2019-8936i1/4%0 Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-03-19
modified	2019-05-10
plugin id	124734
published	2019-05-10
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/124734
title	EulerOS Virtualization 2.5.3 : ntp (EulerOS-SA-2019-1356)

NASL family	Amazon Linux Local Security Checks
NASL id	ALA_ALAS-2019-1206.NASL
description	NTP has a NULL pointer dereference attack in an authenticated mode 6 packet. (CVE-2019-8936)
last seen	2020-06-01
modified	2020-06-02
plugin id	125292
published	2019-05-21
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/125292
title	Amazon Linux AMI : ntp (ALAS-2019-1206)

NASL family	Huawei Local Security Checks
NASL id	EULEROS_SA-2019-1938.NASL
description	According to the version of the ntp packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerability : - NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	128941
published	2019-09-17
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128941
title	EulerOS Virtualization for ARM 64 3.0.2.0 : ntp (EulerOS-SA-2019-1938)

NASL family	Gentoo Local Security Checks
NASL id	GENTOO_GLSA-201903-15.NASL
description	The remote host is affected by the vulnerability described in GLSA-201903-15 (NTP: Multiple vulnerabilities) Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced below for details. Impact : An attacker could cause a Denial of Service condition, escalate privileges, or remotely execute arbitrary code. Workaround : There is no known workaround at this time.
last seen	2020-06-01
modified	2020-06-02
plugin id	122937
published	2019-03-19
reporter	This script is Copyright (C) 2019 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/122937
title	GLSA-201903-15 : NTP: Multiple vulnerabilities

NASL family	Huawei Local Security Checks
NASL id	EULEROS_SA-2019-1769.NASL
description	According to the version of the ntp packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-05-03
modified	2019-07-25
plugin id	127006
published	2019-07-25
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/127006
title	EulerOS 2.0 SP8 : ntp (EulerOS-SA-2019-1769)

NASL family	Huawei Local Security Checks
NASL id	EULEROS_SA-2020-1457.NASL
description	According to the versions of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936) - ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the
last seen	2020-04-30
modified	2020-04-16
plugin id	135619
published	2020-04-16
reporter	This script is Copyright (C) 2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/135619
title	EulerOS Virtualization 3.0.2.2 : ntp (EulerOS-SA-2020-1457)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-13991-1.NASL
description	This update for ntp fixes the following issues : Security issue fixed : CVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd (bsc#1128525). Other issues addressed: Make sure that SLE12 version is higher than the one in SLE11 (bsc#1001182). Fixed several bugs in the BANCOMM reclock driver. Fixed ntp_loopfilter.c snprintf compilation warnings. Fixed spurious initgroups() error message. Fixed STA_NANO struct timex units. Fixed GPS week rollover in libparse. Fixed incorrect poll interval in packet. Added a missing check for ENABLE_CMAC. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	123454
published	2019-03-28
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/123454
title	SUSE SLES11 Security Update : ntp (SUSE-SU-2019:13991-1)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-0775-1.NASL
description	This update for ntp fixes the following issues : Security issue fixed : CVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd (bsc#1128525). Other issues addressed: Fixed several bugs in the BANCOMM reclock driver. Fixed ntp_loopfilter.c snprintf compilation warnings. Fixed spurious initgroups() error message. Fixed STA_NANO struct timex units. Fixed GPS week rollover in libparse. Fixed incorrect poll interval in packet. Added a missing check for ENABLE_CMAC. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	123449
published	2019-03-28
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/123449
title	SUSE SLES12 Security Update : ntp (SUSE-SU-2019:0775-1)

NASL family	FreeBSD Local Security Checks
NASL id	FREEBSD_PKG_C2576E1436E211E99EDA206A8A720317.NASL
description	Network Time Foundation reports : A crafted malicious authenticated mode 6 (ntpq) packet from a permitted network address can trigger a NULL pointer dereference, crashing ntpd. Note that for this attack to work, the sending system must be on an address that the target
last seen	2020-04-30
modified	2019-03-08
plugin id	122685
published	2019-03-08
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/122685
title	FreeBSD : ntp -- Crafted null dereference attack from a trusted source with an authenticated mode 6 packet (c2576e14-36e2-11e9-9eda-206a8a720317)

NASL family	Misc.
NASL id	NTP_4_2_8P13.NASL
description	The version of the remote NTP server is 4.x prior to 4.2.8p13, or is 4.3.x prior to 4.3.94. It is, therefore, affected by a denial of service vulnerability due to a flaw in handling authenticated mode 6 traffic. An authenticated attacker can exploit this issue to cause application crashes. Note that Nessus has not tested for this issue but has instead relied only on the application
last seen	2020-04-30
modified	2019-03-12
plugin id	122777
published	2019-03-12
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/122777
title	Network Time Protocol Daemon (ntpd) 4.x < 4.2.8p13 / 4.3.x < 4.3.94 DoS

NASL family	Fedora Local Security Checks
NASL id	FEDORA_2019-B0C7F0D94A.NASL
description	Security fix for CVE-2019-8936 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	124532
published	2019-05-02
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/124532
title	Fedora 30 : ntp (2019-b0c7f0d94a)

NASL family	Huawei Local Security Checks
NASL id	EULEROS_SA-2019-1878.NASL
description	According to the version of the ntp packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-05-08
modified	2019-09-16
plugin id	128801
published	2019-09-16
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128801
title	EulerOS 2.0 SP5 : ntp (EulerOS-SA-2019-1878)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-0777-1.NASL
description	This update for ntp fixes the following issues : Security issue fixed : CVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd (bsc#1128525). Other issues addressed: Fixed several bugs in the BANCOMM reclock driver. Fixed ntp_loopfilter.c snprintf compilation warnings. Fixed spurious initgroups() error message. Fixed STA_NANO struct timex units. Fixed GPS week rollover in libparse. Fixed incorrect poll interval in packet. Added a missing check for ENABLE_CMAC. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	123451
published	2019-03-28
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/123451
title	SUSE SLED15 / SLES15 Security Update : ntp (SUSE-SU-2019:0777-1)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-1143.NASL
description	This update for ntp fixes the following issues : Security issue fixed: - CVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd (bsc#1128525). Other issues addressed : - Fixed several bugs in the BANCOMM reclock driver. - Fixed ntp_loopfilter.c snprintf compilation warnings. - Fixed spurious initgroups() error message. - Fixed STA_NANO struct timex units. - Fixed GPS week rollover in libparse. - Fixed incorrect poll interval in packet. - Added a missing check for ENABLE_CMAC. This update was imported from the SUSE:SLE-15:Update update project.
last seen	2020-06-01
modified	2020-06-02
plugin id	123773
published	2019-04-05
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/123773
title	openSUSE Security Update : ntp (openSUSE-2019-1143)

NASL family	SuSE Local Security Checks
NASL id	SUSE_SU-2019-0789-1.NASL
description	This update for ntp fixes the following issues : Security issue fixed : CVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd (bsc#1128525). Other isses addressed: Fixed an issue which caused openSSL mismatch (bsc#1125401) Fixed several bugs in the BANCOMM reclock driver. Fixed ntp_loopfilter.c snprintf compilation warnings. Fixed spurious initgroups() error message. Fixed STA_NANO struct timex units. Fixed GPS week rollover in libparse. Fixed incorrect poll interval in packet. Added a missing check for ENABLE_CMAC. Note that Tenable Network Security has extracted the preceding description block directly from the SUSE security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-06-01
modified	2020-06-02
plugin id	123500
published	2019-03-29
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/123500
title	SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2019:0789-1)

NASL family	SuSE Local Security Checks
NASL id	OPENSUSE-2019-1158.NASL
description	This update for ntp fixes the following issues : Security issue fixed: - CVE-2019-8936: Fixed a NULL pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd (bsc#1128525). Other isses addressed : - Fixed an issue which caused openSSL mismatch (bsc#1125401) - Fixed several bugs in the BANCOMM reclock driver. - Fixed ntp_loopfilter.c snprintf compilation warnings. - Fixed spurious initgroups() error message. - Fixed STA_NANO struct timex units. - Fixed GPS week rollover in libparse. - Fixed incorrect poll interval in packet. - Added a missing check for ENABLE_CMAC. This update was imported from the SUSE:SLE-12-SP1:Update update project.
last seen	2020-06-01
modified	2020-06-02
plugin id	123813
published	2019-04-08
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/123813
title	openSUSE Security Update : ntp (openSUSE-2019-1158)

NASL family	Huawei Local Security Checks
NASL id	EULEROS_SA-2019-1860.NASL
description	According to the version of the ntp packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - NTP through 4.2.8p12 has a NULL Pointer Dereference.(CVE-2019-8936) Note that Tenable Network Security has extracted the preceding description block directly from the EulerOS security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues.
last seen	2020-05-08
modified	2019-09-17
plugin id	128912
published	2019-09-17
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128912
title	EulerOS 2.0 SP2 : ntp (EulerOS-SA-2019-1860)

NASL family	PhotonOS Local Security Checks
NASL id	PHOTONOS_PHSA-2019-3_0-0024_NTP.NASL
description	An update of the ntp package has been released.
last seen	2020-06-01
modified	2020-06-02
plugin id	128156
published	2019-08-26
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/128156
title	Photon OS 3.0: Ntp PHSA-2019-3.0-0024

NASL family	Slackware Local Security Checks
NASL id	SLACKWARE_SSA_2019-067-01.NASL
description	New ntp packages are available for Slackware 14.0, 14.1, 14.2, and -current to fix a security issue.
last seen	2020-04-30
modified	2019-03-11
plugin id	122740
published	2019-03-11
reporter	This script is Copyright (C) 2019-2020 and is owned by Tenable, Inc. or an Affiliate thereof.
source	https://www.tenable.com/plugins/nessus/122740
title	Slackware 14.0 / 14.1 / 14.2 / current : ntp (SSA:2019-067-01)

Summary

Vulnerable Configurations

Common Weakness Enumeration (CWE)

Nessus

References