ID de Prueba:	1.3.6.1.4.1.25623.1.0.150698
Categoría:	Denial of Service
Título:	NTP < 4.2.8p3 DoS Vulnerability
Resumen:	Under limited and specific circumstances an attacker can send a; crafted packet to cause a vulnerable ntpd instance to crash. This requires each of the following; to be true:;; - ntpd set up to allow for remote configuration (not allowed by default), and;; - knowledge of the configuration password, and;; - access to a computer entrusted to perform remote configuration.
Descripción:	Summary: Under limited and specific circumstances an attacker can send a crafted packet to cause a vulnerable ntpd instance to crash. This requires each of the following to be true: - ntpd set up to allow for remote configuration (not allowed by default), and - knowledge of the configuration password, and - access to a computer entrusted to perform remote configuration. Vulnerability Insight: Please see the references for more information on the vulnerabilities. Affected Software/OS: NTPd version prior to 4.2.8p3, 4.3.x prior to version 4.3.25. Solution: Update to version 4.2.8p3, 4.3.25 or later. CVSS Score: 3.5 CVSS Vector: AV:N/AC:M/Au:S/C:N/I:N/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2015-5146 BugTraq ID: 75589 http://www.securityfocus.com/bid/75589 Debian Security Information: DSA-3388 (Google Search) http://www.debian.org/security/2015/dsa-3388 http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html https://security.gentoo.org/glsa/201509-01 http://www.securitytracker.com/id/1034168
Copyright	Copyright (C) 2021 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.