ID de Prueba:	1.3.6.1.4.1.25623.1.0.10647
Categoría:	Gain root remotely
Título:	ntpd overflow
Resumen:	NOSUMMARY
Descripción:	Description: The remote NTP server was vulnerable to a buffer overflow attack which allows anyone to use it to execute arbitrary code as root. Solution : disable this service if you do not use it, or upgrade Risk factor : High
Referencia Cruzada:	BugTraq ID: 2540 Common Vulnerability Exposure (CVE) ID: CVE-2001-0414 http://www.securityfocus.com/bid/2540 Bugtraq: 20010404 ntpd =< 4.0.99k remote buffer overflow (Google Search) http://marc.info/?l=bugtraq&m=98642418618512&w=2 Bugtraq: 20010405 Re: ntpd =< 4.0.99k remote buffer overflow] (Google Search) http://marc.info/?l=bugtraq&m=98654963328381&w=2 Bugtraq: 20010406 Immunix OS Security update for ntp and xntp3 (Google Search) http://marc.info/?l=bugtraq&m=98659782815613&w=2 Bugtraq: 20010408 [slackware-security] buffer overflow fix for NTP (Google Search) http://marc.info/?l=bugtraq&m=98679815917014&w=2 Bugtraq: 20010409 PROGENY-SA-2001-02: ntpd remote buffer overflow (Google Search) http://marc.info/?l=bugtraq&m=98684202610470&w=2 Bugtraq: 20010409 [ESA-20010409-01] xntp buffer overflow (Google Search) http://archives.neohapsis.com/archives/bugtraq/2001-04/0127.html Bugtraq: 20010409 ntp-4.99k23.tar.gz is available (Google Search) http://marc.info/?l=bugtraq&m=98683952401753&w=2 Bugtraq: 20010409 ntpd - new Debian 2.2 (potato) version is also vulnerable (Google Search) http://marc.info/?l=bugtraq&m=98684532921941&w=2 Bugtraq: 20010413 PROGENY-SA-2001-02A: [UPDATE] ntpd remote buffer overflow (Google Search) http://archives.neohapsis.com/archives/bugtraq/2001-04/0225.html Bugtraq: 20010418 IBM MSS Outside Advisory Redistribution: IBM AIX: Buffer Overflow Vulnerability in (x)ntp (Google Search) http://archives.neohapsis.com/archives/bugtraq/2001-04/0314.html Caldera Security Advisory: CSSA-2001-013 http://www.calderasystems.com/support/security/advisories/CSSA-2001-013.0.txt Conectiva Linux advisory: CLA-2001:392 http://distro.conectiva.com.br/atualizacoes/?id=a&anuncio=000392 Debian Security Information: DSA-045 (Google Search) https://www.debian.org/security/2001/dsa-045 FreeBSD Security Advisory: FreeBSD-SA-01:31 ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-01:31.ntpd.asc http://www.linux-mandrake.com/en/security/2001/MDKSA-2001-036.php3 NETBSD Security Advisory: NetBSD-SA2001-004 ftp://ftp.netbsd.org/pub/NetBSD/misc/security/advisories/NetBSD-SA2001-004.txt.asc http://www.osvdb.org/805 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A3831 http://www.redhat.com/support/errata/RHSA-2001-045.html SCO Security Bulletin: SSE073 ftp://ftp.sco.com/SSE/sse073.ltr SCO Security Bulletin: SSE074 ftp://ftp.sco.com/SSE/sse074.ltr SuSE Security Announcement: SuSE-SA:2001:10 (Google Search) http://lists.suse.com/archives/suse-security-announce/2001-Apr/0000.html XForce ISS Database: ntpd-remote-bo(6321) https://exchange.xforce.ibmcloud.com/vulnerabilities/6321
Copyright	This script is Copyright (C) 2001 Renaud Deraison

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.