Mageia Linux Local Security Checks : Mageia: Security Advisory (MGASA-2014-0032)

Anfälligkeitssuche		Suche in 324607 CVE Beschreibungen und 145615 Test Beschreibungen, Zugriff auf 10,000+ Quellverweise.
	Tests CVE Alle

Test Kennung: 1.3.6.1.4.1.25623.1.1.10.2014.0032

Kategorie: Mageia Linux Local Security Checks

Titel: Mageia: Security Advisory (MGASA-2014-0032)

Zusammenfassung: The remote host is missing an update for the 'ntp' package(s) announced via the MGASA-2014-0032 advisory.

Beschreibung: Summary:
The remote host is missing an update for the 'ntp' package(s) announced via the MGASA-2014-0032 advisory.

Vulnerability Insight:
The 'monlist' command of the NTP protocol is currently abused in a DDoS
reflection attack. This is done by spoofing packets from addresses to
which the attack is directed to. The ntp installations itself are not
target of the attack, but they are part of the DDoS network which the
attacker is driving (CVE-2013-5211).

** IMPORTANT **

Note: the workaround for this issue is not a change in the software, but
instead is a change in the default configuration. In most cases, the
configuration change will need to be made manually by administrators in
the /etc/ntp.conf file, as the package will only install the updated
configuration as /etc/ntp.conf.rpmnew. The following lines should be added
to the end of /etc/ntp.conf:

# Permit time synchronization with our time source, but do not
# permit the source to query or modify the service on this system.
restrict default nomodify notrap nopeer noquery

Affected Software/OS:
'ntp' package(s) on Mageia 3.

Solution:
Please install the updated package(s).

CVSS Score:
5.0

CVSS Vector:
AV:N/AC:L/Au:N/C:N/I:N/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2013-5211
BugTraq ID: 64692
http://www.securityfocus.com/bid/64692
Cert/CC Advisory: TA14-013A
http://www.us-cert.gov/ncas/alerts/TA14-013A
CERT/CC vulnerability note: VU#348126
http://www.kb.cert.org/vuls/id/348126
HPdes Security Advisory: HPSBOV03505
http://marc.info/?l=bugtraq&m=144182594518755&w=2
HPdes Security Advisory: HPSBUX02960
http://marc.info/?l=bugtraq&m=138971294629419&w=2
HPdes Security Advisory: SSRT101419
http://ics-cert.us-cert.gov/advisories/ICSA-14-051-04
http://openwall.com/lists/oss-security/2013/12/30/6
http://openwall.com/lists/oss-security/2013/12/30/7
http://lists.ntp.org/pipermail/pool/2011-December/005616.html
http://www.securitytracker.com/id/1030433
http://secunia.com/advisories/59288
http://secunia.com/advisories/59726
SuSE Security Announcement: openSUSE-SU-2014:1149 (Google Search)
http://lists.opensuse.org/opensuse-updates/2014-09/msg00031.html

Copyright Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.
Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.

Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2014.0032
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2014-0032)
Zusammenfassung:	The remote host is missing an update for the 'ntp' package(s) announced via the MGASA-2014-0032 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'ntp' package(s) announced via the MGASA-2014-0032 advisory. Vulnerability Insight: The 'monlist' command of the NTP protocol is currently abused in a DDoS reflection attack. This is done by spoofing packets from addresses to which the attack is directed to. The ntp installations itself are not target of the attack, but they are part of the DDoS network which the attacker is driving (CVE-2013-5211). IMPORTANT Note: the workaround for this issue is not a change in the software, but instead is a change in the default configuration. In most cases, the configuration change will need to be made manually by administrators in the /etc/ntp.conf file, as the package will only install the updated configuration as /etc/ntp.conf.rpmnew. The following lines should be added to the end of /etc/ntp.conf: # Permit time synchronization with our time source, but do not # permit the source to query or modify the service on this system. restrict default nomodify notrap nopeer noquery Affected Software/OS: 'ntp' package(s) on Mageia 3. Solution: Please install the updated package(s). CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2013-5211 BugTraq ID: 64692 http://www.securityfocus.com/bid/64692 Cert/CC Advisory: TA14-013A http://www.us-cert.gov/ncas/alerts/TA14-013A CERT/CC vulnerability note: VU#348126 http://www.kb.cert.org/vuls/id/348126 HPdes Security Advisory: HPSBOV03505 http://marc.info/?l=bugtraq&m=144182594518755&w=2 HPdes Security Advisory: HPSBUX02960 http://marc.info/?l=bugtraq&m=138971294629419&w=2 HPdes Security Advisory: SSRT101419 http://ics-cert.us-cert.gov/advisories/ICSA-14-051-04 http://openwall.com/lists/oss-security/2013/12/30/6 http://openwall.com/lists/oss-security/2013/12/30/7 http://lists.ntp.org/pipermail/pool/2011-December/005616.html http://www.securitytracker.com/id/1030433 http://secunia.com/advisories/59288 http://secunia.com/advisories/59726 SuSE Security Announcement: openSUSE-SU-2014:1149 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-09/msg00031.html
Copyright	Copyright (C) 2022 Greenbone AG