Test Kennung:	1.3.6.1.4.1.25623.1.0.900623
Kategorie:	Buffer overflow
Titel:	NTP.org 'ntpd' Stack Buffer Overflow Vulnerability
Zusammenfassung:	NTP.org's reference implementation of NTP server, ntpd is prone to multiple stack buffer overflow vulnerabilities.
Beschreibung:	Summary: NTP.org's reference implementation of NTP server, ntpd is prone to multiple stack buffer overflow vulnerabilities. Vulnerability Insight: The flaw is due to a boundary error within the cookedprint() function in ntpq/ntpq.c while processing malicious response from a specially crafted remote time server. Vulnerability Impact: Successful exploitation will allow attackers to execute arbitrary code or to cause the application to crash. Affected Software/OS: NTPd version prior to 4.2.4p7-RC2. Solution: Update to version 4.2.4p7-RC2 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0159 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html BugTraq ID: 34481 http://www.securityfocus.com/bid/34481 Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search) http://www.securityfocus.com/archive/1/507985/100/0/threaded Cert/CC Advisory: TA09-133A http://www.us-cert.gov/cas/techalerts/TA09-133A.html Debian Security Information: DSA-1801 (Google Search) http://www.debian.org/security/2009/dsa-1801 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01414.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01449.html http://www.gentoo.org/security/en/glsa/glsa-200905-08.xml HPdes Security Advisory: HPSBUX02859 http://marc.info/?l=bugtraq&m=136482797910018&w=2 HPdes Security Advisory: SSRT101144 http://www.mandriva.com/security/advisories?name=MDVSA-2009:092 NETBSD Security Advisory: NetBSD-SA2009-006 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-006.txt.asc http://osvdb.org/53593 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19392 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5411 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8386 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8665 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9634 RedHat Security Advisories: RHSA-2009:1039 http://rhn.redhat.com/errata/RHSA-2009-1039.html RedHat Security Advisories: RHSA-2009:1040 http://rhn.redhat.com/errata/RHSA-2009-1040.html RedHat Security Advisories: RHSA-2009:1651 https://rhn.redhat.com/errata/RHSA-2009-1651.html http://www.securitytracker.com/id?1022033 http://secunia.com/advisories/34608 http://secunia.com/advisories/35074 http://secunia.com/advisories/35137 http://secunia.com/advisories/35138 http://secunia.com/advisories/35166 http://secunia.com/advisories/35169 http://secunia.com/advisories/35253 http://secunia.com/advisories/35308 http://secunia.com/advisories/35336 http://secunia.com/advisories/35416 http://secunia.com/advisories/35630 http://secunia.com/advisories/37471 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.566238 SuSE Security Announcement: SUSE-SR:2009:011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html https://usn.ubuntu.com/777-1/ http://www.vupen.com/english/advisories/2009/0999 http://www.vupen.com/english/advisories/2009/1297 http://www.vupen.com/english/advisories/2009/3316 XForce ISS Database: ntp-cookedprint-bo(49838) https://exchange.xforce.ibmcloud.com/vulnerabilities/49838
Copyright	Copyright (C) 2009 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.