Legend :
critical
high
medium
low
other
| id | 43087 |
|---|
| Risiko | other |
|---|
| Familie | Ubuntu Local Security Checks |
|---|
| Kategori | infos |
|---|
| Navn | USN867-1 : ntp vulnerability |
|---|
| Sammenfatning | ntp vulnerability |
|---|
| Beskrivelse | Synopsis :
These remote packages are missing security patches :
- ntp
- ntp-doc
- ntp-refclock
- ntp-server
- ntp-simple
- ntpdate
Description :
Robin Park and Dmitri Vinokurov discovered a logic error in ntpd. A remote
attacker could send a crafted NTP mode 7 packet with a spoofed IP address
of an affected server and cause a denial of service via CPU and disk
resource consumption.
Solution :
Upgrade to :
- ntp-4.2.4p6+dfsg-1ubuntu5.1 (Ubuntu 9.10)
- ntp-doc-4.2.4p6+dfsg-1ubuntu5.1 (Ubuntu 9.10)
- ntp-refclock-4.2.0a+stable-8.1ubuntu6.3 (Ubuntu 6.06)
- ntp-server-4.2.0a+stable-8.1ubuntu6.3 (Ubuntu 6.06)
- ntp-simple-4.2.0a+stable-8.1ubuntu6.3 (Ubuntu 6.06)
- ntpdate-4.2.4p6+dfsg-1ubuntu5.1 (Ubuntu 9.10)
Risk factor :
Medium / CVSS Base Score : 6.4
(CVSS2#AV:N/AC:L/Au:N/C:N/I:P/A:P)
|
|---|
| CVE |
CVE-2009-3563 |
| Bugtraq |
NOBID |
| Copyright |
(C) 2009 Canonical, Inc. / NASL script (C) 2009 Tenable Network Security, Inc. |