Skip to navigation

Security Advisory Critical: ntp security update

Advisory: RHSA-2009:1040-1
Type: Security Advisory
Severity: Critical
Issued on: 2009-05-18
Last updated on: 2009-05-18
Affected Products: Red Hat Desktop (v. 4)
Red Hat Enterprise Linux AS (v. 4)
Red Hat Enterprise Linux AS (v. 4.7.z)
Red Hat Enterprise Linux AS (v. 4.8.z)
Red Hat Enterprise Linux ES (v. 4)
Red Hat Enterprise Linux ES (v. 4.7.z)
Red Hat Enterprise Linux ES (v. 4.8.z)
Red Hat Enterprise Linux WS (v. 4)
CVEs (cve.mitre.org): CVE-2009-0159
CVE-2009-1252

Details

An updated ntp package that fixes two security issues is now available for
Red Hat Enterprise Linux 4.

This update has been rated as having critical security impact by the Red
Hat Security Response Team.

The Network Time Protocol (NTP) is used to synchronize a computer's time
with a referenced time source.

A buffer overflow flaw was discovered in the ntpd daemon's NTPv4
authentication code. If ntpd was configured to use public key cryptography
for NTP packet authentication, a remote attacker could use this flaw to
send a specially-crafted request packet that could crash ntpd or,
potentially, execute arbitrary code with the privileges of the "ntp" user.
(CVE-2009-1252)

Note: NTP authentication is not enabled by default.

A buffer overflow flaw was found in the ntpq diagnostic command. A
malicious, remote server could send a specially-crafted reply to an ntpq
request that could crash ntpq or, potentially, execute arbitrary code with
the privileges of the user running the ntpq command. (CVE-2009-0159)

All ntp users are advised to upgrade to this updated package, which
contains backported patches to resolve these issues. After installing the
update, the ntpd daemon will be restarted automatically.


Solution

Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.

This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259

Updated packages

Red Hat Desktop (v. 4)

SRPMS:
ntp-4.2.0.a.20040617-8.el4_7.2.src.rpm
File outdated by:  RHBA-2011:0222
    MD5: 7de50d673993694f1d46d3e157cedc5d
 
IA-32:
ntp-4.2.0.a.20040617-8.el4_7.2.i386.rpm
File outdated by:  RHBA-2011:0222
    MD5: 9c2ba7a4cbef134a1b1cc4cc5b5ec365
 
x86_64:
ntp-4.2.0.a.20040617-8.el4_7.2.x86_64.rpm
File outdated by:  RHBA-2011:0222
    MD5: e929bb1dc4bb5b7ba266744d8c06ab40
 
Red Hat Enterprise Linux AS (v. 4)

SRPMS:
ntp-4.2.0.a.20040617-8.el4_7.2.src.rpm
File outdated by:  RHBA-2011:0222
    MD5: 7de50d673993694f1d46d3e157cedc5d
 
IA-32:
ntp-4.2.0.a.20040617-8.el4_7.2.i386.rpm
File outdated by:  RHBA-2011:0222
    MD5: 9c2ba7a4cbef134a1b1cc4cc5b5ec365
 
IA-64:
ntp-4.2.0.a.20040617-8.el4_7.2.ia64.rpm
File outdated by:  RHBA-2011:0222
    MD5: ec9b0ddb25797f21920c32b99c127162
 
PPC:
ntp-4.2.0.a.20040617-8.el4_7.2.ppc.rpm
File outdated by:  RHBA-2011:0222
    MD5: 03e79f8fc89f66410950ac7f44a0e5a5
 
s390:
ntp-4.2.0.a.20040617-8.el4_7.2.s390.rpm
File outdated by:  RHBA-2011:0222
    MD5: 085db31aa6b396043be65091ecf274a7
 
s390x:
ntp-4.2.0.a.20040617-8.el4_7.2.s390x.rpm
File outdated by:  RHBA-2011:0222
    MD5: 618710e122adec9b3edb65f1746ac199
 
x86_64:
ntp-4.2.0.a.20040617-8.el4_7.2.x86_64.rpm
File outdated by:  RHBA-2011:0222
    MD5: e929bb1dc4bb5b7ba266744d8c06ab40
 
Red Hat Enterprise Linux AS (v. 4.7.z)

SRPMS:
ntp-4.2.0.a.20040617-8.el4_7.2.src.rpm
File outdated by:  RHBA-2011:0222
    MD5: 7de50d673993694f1d46d3e157cedc5d
 
IA-32:
ntp-4.2.0.a.20040617-8.el4_7.2.i386.rpm     MD5: 9c2ba7a4cbef134a1b1cc4cc5b5ec365
 
IA-64:
ntp-4.2.0.a.20040617-8.el4_7.2.ia64.rpm     MD5: ec9b0ddb25797f21920c32b99c127162
 
PPC:
ntp-4.2.0.a.20040617-8.el4_7.2.ppc.rpm     MD5: 03e79f8fc89f66410950ac7f44a0e5a5
 
s390:
ntp-4.2.0.a.20040617-8.el4_7.2.s390.rpm     MD5: 085db31aa6b396043be65091ecf274a7
 
s390x:
ntp-4.2.0.a.20040617-8.el4_7.2.s390x.rpm     MD5: 618710e122adec9b3edb65f1746ac199
 
x86_64:
ntp-4.2.0.a.20040617-8.el4_7.2.x86_64.rpm     MD5: e929bb1dc4bb5b7ba266744d8c06ab40
 
Red Hat Enterprise Linux AS (v. 4.8.z)

SRPMS:
ntp-4.2.0.a.20040617-8.el4_7.2.src.rpm
File outdated by:  RHBA-2011:0222
    MD5: 7de50d673993694f1d46d3e157cedc5d
 
IA-32:
ntp-4.2.0.a.20040617-8.el4_7.2.i386.rpm
File outdated by:  RHSA-2009:1648
    MD5: 9c2ba7a4cbef134a1b1cc4cc5b5ec365
 
IA-64:
ntp-4.2.0.a.20040617-8.el4_7.2.ia64.rpm
File outdated by:  RHSA-2009:1648
    MD5: ec9b0ddb25797f21920c32b99c127162
 
PPC:
ntp-4.2.0.a.20040617-8.el4_7.2.ppc.rpm
File outdated by:  RHSA-2009:1648
    MD5: 03e79f8fc89f66410950ac7f44a0e5a5
 
s390:
ntp-4.2.0.a.20040617-8.el4_7.2.s390.rpm
File outdated by:  RHSA-2009:1648
    MD5: 085db31aa6b396043be65091ecf274a7
 
s390x:
ntp-4.2.0.a.20040617-8.el4_7.2.s390x.rpm
File outdated by:  RHSA-2009:1648
    MD5: 618710e122adec9b3edb65f1746ac199
 
x86_64:
ntp-4.2.0.a.20040617-8.el4_7.2.x86_64.rpm
File outdated by:  RHSA-2009:1648
    MD5: e929bb1dc4bb5b7ba266744d8c06ab40
 
Red Hat Enterprise Linux ES (v. 4)

SRPMS:
ntp-4.2.0.a.20040617-8.el4_7.2.src.rpm
File outdated by:  RHBA-2011:0222
    MD5: 7de50d673993694f1d46d3e157cedc5d
 
IA-32:
ntp-4.2.0.a.20040617-8.el4_7.2.i386.rpm
File outdated by:  RHBA-2011:0222
    MD5: 9c2ba7a4cbef134a1b1cc4cc5b5ec365
 
IA-64:
ntp-4.2.0.a.20040617-8.el4_7.2.ia64.rpm
File outdated by:  RHBA-2011:0222
    MD5: ec9b0ddb25797f21920c32b99c127162
 
x86_64:
ntp-4.2.0.a.20040617-8.el4_7.2.x86_64.rpm
File outdated by:  RHBA-2011:0222
    MD5: e929bb1dc4bb5b7ba266744d8c06ab40
 
Red Hat Enterprise Linux ES (v. 4.7.z)

SRPMS:
ntp-4.2.0.a.20040617-8.el4_7.2.src.rpm
File outdated by:  RHBA-2011:0222
    MD5: 7de50d673993694f1d46d3e157cedc5d
 
IA-32:
ntp-4.2.0.a.20040617-8.el4_7.2.i386.rpm     MD5: 9c2ba7a4cbef134a1b1cc4cc5b5ec365
 
IA-64:
ntp-4.2.0.a.20040617-8.el4_7.2.ia64.rpm     MD5: ec9b0ddb25797f21920c32b99c127162
 
x86_64:
ntp-4.2.0.a.20040617-8.el4_7.2.x86_64.rpm     MD5: e929bb1dc4bb5b7ba266744d8c06ab40
 
Red Hat Enterprise Linux ES (v. 4.8.z)

SRPMS:
ntp-4.2.0.a.20040617-8.el4_7.2.src.rpm
File outdated by:  RHBA-2011:0222
    MD5: 7de50d673993694f1d46d3e157cedc5d
 
IA-32:
ntp-4.2.0.a.20040617-8.el4_7.2.i386.rpm
File outdated by:  RHSA-2009:1648
    MD5: 9c2ba7a4cbef134a1b1cc4cc5b5ec365
 
IA-64:
ntp-4.2.0.a.20040617-8.el4_7.2.ia64.rpm
File outdated by:  RHSA-2009:1648
    MD5: ec9b0ddb25797f21920c32b99c127162
 
x86_64:
ntp-4.2.0.a.20040617-8.el4_7.2.x86_64.rpm
File outdated by:  RHSA-2009:1648
    MD5: e929bb1dc4bb5b7ba266744d8c06ab40
 
Red Hat Enterprise Linux WS (v. 4)

SRPMS:
ntp-4.2.0.a.20040617-8.el4_7.2.src.rpm
File outdated by:  RHBA-2011:0222
    MD5: 7de50d673993694f1d46d3e157cedc5d
 
IA-32:
ntp-4.2.0.a.20040617-8.el4_7.2.i386.rpm
File outdated by:  RHBA-2011:0222
    MD5: 9c2ba7a4cbef134a1b1cc4cc5b5ec365
 
IA-64:
ntp-4.2.0.a.20040617-8.el4_7.2.ia64.rpm
File outdated by:  RHBA-2011:0222
    MD5: ec9b0ddb25797f21920c32b99c127162
 
x86_64:
ntp-4.2.0.a.20040617-8.el4_7.2.x86_64.rpm
File outdated by:  RHBA-2011:0222
    MD5: e929bb1dc4bb5b7ba266744d8c06ab40
 
(The unlinked packages above are only available from the Red Hat Network)

Bugs fixed (see bugzilla for more information)

490617 - CVE-2009-0159 ntp: buffer overflow in ntpq
499694 - CVE-2009-1252 ntp: remote arbitrary code execution vulnerability if autokeys is enabled


References



These packages are GPG signed by Red Hat for security. Our key and details on how to verify the signature are available from:
https://www.redhat.com/security/team/key/#package

The Red Hat security contact is secalert@redhat.com. More contact details at http://www.redhat.com/security/team/contact/