aboutsummaryrefslogtreecommitdiff
path: root/share/security/advisories/FreeBSD-SA-19:04.ntp.asc
diff options
context:
space:
mode:
Diffstat (limited to 'share/security/advisories/FreeBSD-SA-19:04.ntp.asc')
-rw-r--r--share/security/advisories/FreeBSD-SA-19:04.ntp.asc146
1 files changed, 0 insertions, 146 deletions
diff --git a/share/security/advisories/FreeBSD-SA-19:04.ntp.asc b/share/security/advisories/FreeBSD-SA-19:04.ntp.asc
deleted file mode 100644
index de2dd01682..0000000000
--- a/share/security/advisories/FreeBSD-SA-19:04.ntp.asc
+++ /dev/null
@@ -1,146 +0,0 @@
------BEGIN PGP SIGNED MESSAGE-----
-Hash: SHA512
-
-=============================================================================
-FreeBSD-SA-19:04.ntp Security Advisory
- The FreeBSD Project
-
-Topic: Authenticated denial of service in ntpd
-
-Category: contrib
-Module: ntp
-Announced: 2019-05-14
-Credits: Magnus Stubman
-Affects: All supported versions of FreeBSD
-Corrected: 2019-03-07 13:45:36 UTC (stable/12, 12.0-STABLE)
- 2019-05-14 23:02:56 UTC (releng/12.0, 12.0-RELEASE-p4)
- 2019-03-07 13:45:36 UTC (stable/11, 11.3-PRERELEASE)
- 2019-05-14 23:06:26 UTC (releng/11.2, 11.2-RELEASE-p10)
-CVE Name: CVE-2019-8936
-
-For general information regarding FreeBSD Security Advisories,
-including descriptions of the fields above, security branches, and the
-following sections, please visit <URL:https://security.FreeBSD.org/>.
-
-I. Background
-
-The ntpd(8) daemon is an implementation of the Network Time Protocol
-(NTP) used to synchronize the time of a computer system to a reference
-time source. The ntpd(8) daemon uses a protocol called mode 6 to both get
-status information from the running ntpd(8) daemon and configure it on the
-fly. This protocol is typically used by the ntpq(8) program, among others.
-
-II. Problem Description
-
-A crafted malicious authenticated mode 6 packet from a permitted network
-address can trigger a NULL pointer dereference.
-
-Note for this attack to work, the sending system must be on an address from
-which the target ntpd(8) accepts mode 6 packets, and must use a private key
-that is specifically listed as being used for mode 6 authorization.
-
-III. Impact
-
-The ntpd daemon can crash due to the NULL pointer dereference, causing a
-denial of service.
-
-IV. Workaround
-
-Use 'restrict noquery' in the ntpd configuration to limit addresses that
-can send mode 6 queries.
-
-V. Solution
-
-Perform one of the following:
-
-1) Upgrade your vulnerable system to a supported FreeBSD stable or
-release / security branch (releng) dated after the correction date.
-
-2) To update your vulnerable system via a binary patch:
-
-Systems running a RELEASE version of FreeBSD on the i386 or amd64
-platforms can be updated via the freebsd-update(8) utility:
-
-# freebsd-update fetch
-# freebsd-update install
-
-Afterwards, restart the ntpd service:
-# service ntpd restart
-
-3) To update your vulnerable system via a source code patch:
-
-The following patches have been verified to apply to the applicable
-FreeBSD release branches.
-
-a) Download the relevant patch from the location below, and verify the
-detached PGP signature using your PGP utility.
-
-[FreeBSD 12.0]
-# fetch https://security.FreeBSD.org/patches/SA-19:04/ntp.patch
-# fetch https://security.FreeBSD.org/patches/SA-19:04/ntp.patch.asc
-# gpg --verify ntp.patch.asc
-
-[FreeBSD 11.2-RELEASE/11.3-PRERELEASE]
-# fetch https://security.FreeBSD.org/patches/SA-19:04/ntp-11.2.patch
-# fetch https://security.FreeBSD.org/patches/SA-19:04/ntp-11.2.patch.asc
-# gpg --verify ntp-11.2.patch.asc
-
-b) Apply the patch. Execute the following commands as root:
-
-# cd /usr/src
-# patch < /path/to/patch
-
-c) Recompile the operating system using buildworld and installworld as
-described in <URL:https://www.FreeBSD.org/handbook/makeworld.html>.
-
-Restart the ntpd service, or reboot the system.
-
-VI. Correction details
-
-The following list contains the correction revision numbers for each
-affected branch.
-
-Branch/path Revision
-- -------------------------------------------------------------------------
-stable/12/ r344884
-releng/12.0/ r347589
-stable/11/ r344884
-releng/11.2/ r347590
-- -------------------------------------------------------------------------
-
-To see which files were modified by a particular revision, run the
-following command, replacing NNNNNN with the revision number, on a
-machine with Subversion installed:
-
-# svn diff -cNNNNNN --summarize svn://svn.freebsd.org/base
-
-Or visit the following URL, replacing NNNNNN with the revision number:
-
-<URL:https://svnweb.freebsd.org/base?view=revision&revision=NNNNNN>
-
-VII. References
-
-<URL:http://support.ntp.org/bin/view/Main/SecurityNotice#March_2019_ntp_4_2_8p13_NTP_Rele>
-
-<URL:https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8936>
-
-The latest revision of this advisory is available at
-<URL:https://security.FreeBSD.org/advisories/FreeBSD-SA-19:04.ntp.asc>
------BEGIN PGP SIGNATURE-----
-
-iQKTBAEBCgB9FiEE/A6HiuWv54gCjWNV05eS9J6n5cIFAlzbTrdfFIAAAAAALgAo
-aXNzdWVyLWZwckBub3RhdGlvbnMub3BlbnBncC5maWZ0aGhvcnNlbWFuLm5ldEZD
-MEU4NzhBRTVBRkU3ODgwMjhENjM1NUQzOTc5MkY0OUVBN0U1QzIACgkQ05eS9J6n
-5cLGtw/8CNAYnLxARrMUK1QeC9sE7EaboYInSOgaunfK2Uw5tJk9b4GwWWjCSE0C
-hSWg4a9xv3pks2ppfEJzRuy0eoYmiU0MYblnAnCwCmE2d3WYlExO7hZJa1iK3uPO
-WvHre5q80kF8TJhS9rbph+6oyLaPun8f9PDIo4Oc2knTppNfrfzbB/HEuzP27KMp
-gCXD/Nk/5tHbXjkIGamWCf9wgYuw/typYRV3W6sWDuPhug2sAvWk1TMo0cMJ4BHL
-wL7Qh00rZ+nHWdk5GKFslga9gNjVPqD2DzRKCQO2bj4o+7ly2d+yk4jUpMKBq2r4
-eQcQQnk9xj60NQ5cHGprOv6xwulBYycugF57iouNAP241cvVf+XZd4b/GthJODgz
-fhP0aquusmtkawida3ZWWIVCjkM5NmHQsY5VTQLvTudtemb3kdmRMy3dFDN7oyXZ
-PqP6JJUqamxNHilxRVytNCZLiSuy1P2MnJamyLZIqcDiT6yvMVBqwuGdQrSTSKyu
-g/sR+vUohuJrP2i3pCCEfGtH5Nfq6GpY6Swxec81wUoqReGVCGmSFSEaas21TFYf
-ZzAEAhywveGegkhqvsGP9A1zrTs6ZTCRzun32MhSo4xH/YZaArMvRa6JiSWTA1fG
-ctwXEwIBj0XNEWBsCPgVvaF9bglmQZ2Iqn4iOiHlRGT7KxgjT7w=
-=o9t5
------END PGP SIGNATURE-----