 |
Inicial ▼ Bookkeeping
Online ▼ Auditorias ▼
DNS
Administrado ▼
Acerca de DNS
Ordenar/Renovar
Preguntas Frecuentes
AUP
Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password Monitoreo
de Redes ▼
Enterprise
Avanzado
Estándarr
Prueba
Preguntas Frecuentes
Resumen de Precio/Funciones
Ordenar
Muestras
Configure/Status Alert Profiles | ||
| ID de Prueba: | 1.3.6.1.4.1.25623.1.0.105920 |
| Categoría: | JunOS Local Security Checks |
| Título: | Juniper Networks Junos OS NTP Server Amplification Denial of Service Vulnerability |
| Resumen: | DoS in NTP server |
| Descripción: | Summary: DoS in NTP server Vulnerability Insight: When an NTP client or server is enabled within the [edit system ntp] hierarchy level of the Junos configuration, REQ_MON_GETLIST and REQ_MON_GETLIST_1 control messages supported by the monlist feature within NTP may allow remote attackers to cause a denial of service. NTP is not enabled in Junos by default. Vulnerability Impact: If NTP is enabled an attacker can exploit the control messages to use it as part of a DoS attack against a remote victim or as the target of an attack against the device itself. Affected Software/OS: Junos OS 11.4, 12.1, 12.2, 12.3, 13.1, 13.2, 13.3 Solution: New builds of Junos OS software are available from Juniper. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P |
| Referencia Cruzada: |
Common Vulnerability Exposure (CVE) ID: CVE-2013-5211 BugTraq ID: 64692 http://www.securityfocus.com/bid/64692 Cert/CC Advisory: TA14-013A http://www.us-cert.gov/ncas/alerts/TA14-013A CERT/CC vulnerability note: VU#348126 http://www.kb.cert.org/vuls/id/348126 HPdes Security Advisory: HPSBOV03505 http://marc.info/?l=bugtraq&m=144182594518755&w=2 HPdes Security Advisory: HPSBUX02960 http://marc.info/?l=bugtraq&m=138971294629419&w=2 HPdes Security Advisory: SSRT101419 http://ics-cert.us-cert.gov/advisories/ICSA-14-051-04 http://openwall.com/lists/oss-security/2013/12/30/6 http://openwall.com/lists/oss-security/2013/12/30/7 http://lists.ntp.org/pipermail/pool/2011-December/005616.html http://www.securitytracker.com/id/1030433 http://secunia.com/advisories/59288 http://secunia.com/advisories/59726 SuSE Security Announcement: openSUSE-SU-2014:1149 (Google Search) http://lists.opensuse.org/opensuse-updates/2014-09/msg00031.html |
| Copyright | Copyright (C) 2014 Greenbone AG |
| Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora. |