English | Deutsch | Español
 
Inicial ▼
Página inicial Acerca Nuestro Contáctenos Privacidad Programas de Asociados Testimonios En la Prensa Listas de Correos Abuso Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
 
Auditorias ▼
Inicial Dedicada Avanzada Estándar Periódica Sin Riesgo Escritorio Básica Sello FAQ Resumen de Precio/Funciones Ordenar Nuevas Pruebas Todas las Pruebas Confidencialidad Búsqueda de Vulnerabilidad Ejecutar Auditoría Programador IP Permissions Auditorías Personalizadas Cola Recordatorio Sellos Informes Estilos de Informes
DNS
Administrado ▼
Acerca de DNS Ordenar/Renovar Preguntas Frecuentes AUP Dynamic DNS Clients
Configurar Dominios Dynamic DNS Update Password
Monitoreo
de Redes ▼
Enterprise Avanzado Estándarr Prueba Preguntas Frecuentes Resumen de Precio/Funciones Ordenar Muestras
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Iniciar sesión/Registrarse 
 
 Búsqueda de    
Vulnerabilidad   		     Buscar 324607 Descripciones CVE y
145615 Descripciones de Pruebas,
accesos 10,000+ referencias cruzadas.
Pruebas   CVE   Todos  

ID de Prueba:1.3.6.1.4.1.25623.1.0.63743
Categoría:Gentoo Local Security Checks
Título:Gentoo Security Advisory GLSA 200904-05 (ntp)
Resumen:The remote host is missing updates announced in;advisory GLSA 200904-05.
Descripción:Summary:
The remote host is missing updates announced in
advisory GLSA 200904-05.

Vulnerability Insight:
An error in the OpenSSL certificate chain validation in ntp might allow for
spoofing attacks.

Solution:
All ntp users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose '>=net-misc/ntp-4.2.4_p6'

CVSS Score:
5.8

CVSS Vector:
AV:N/AC:M/Au:N/C:N/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2008-5077
1021523
http://www.securitytracker.com/id?1021523
20090107 [oCERT-2008-016] Multiple OpenSSL signature verification API misuses
http://www.securityfocus.com/archive/1/499827/100/0/threaded
20090401 VMSA-2009-0004 ESX Service Console updates for openssl, bind, and vim
http://www.securityfocus.com/archive/1/502322/100/0/threaded
250826
http://sunsolve.sun.com/search/document.do?assetkey=1-66-250826-1
33150
http://www.securityfocus.com/bid/33150
33338
http://secunia.com/advisories/33338
33394
http://secunia.com/advisories/33394
33436
http://secunia.com/advisories/33436
33557
http://secunia.com/advisories/33557
33673
http://secunia.com/advisories/33673
33765
http://secunia.com/advisories/33765
34211
http://secunia.com/advisories/34211
35074
http://secunia.com/advisories/35074
35108
http://secunia.com/advisories/35108
39005
http://secunia.com/advisories/39005
ADV-2009-0040
http://www.vupen.com/english/advisories/2009/0040
ADV-2009-0289
http://www.vupen.com/english/advisories/2009/0289
ADV-2009-0362
http://www.vupen.com/english/advisories/2009/0362
ADV-2009-0558
http://www.vupen.com/english/advisories/2009/0558
ADV-2009-0904
http://www.vupen.com/english/advisories/2009/0904
ADV-2009-0913
http://www.vupen.com/english/advisories/2009/0913
ADV-2009-1297
http://www.vupen.com/english/advisories/2009/1297
ADV-2009-1338
http://www.vupen.com/english/advisories/2009/1338
APPLE-SA-2009-05-12
http://lists.apple.com/archives/security-announce/2009/May/msg00002.html
GLSA-200902-02
http://security.gentoo.org/glsa/glsa-200902-02.xml
HPSBMA02426
http://marc.info/?l=bugtraq&m=124277349419254&w=2
HPSBOV02540
http://marc.info/?l=bugtraq&m=127678688104458&w=2
HPSBUX02418
http://marc.info/?l=bugtraq&m=123859864430555&w=2
RHSA-2009:0004
http://www.redhat.com/support/errata/RHSA-2009-0004.html
SSA:2009-014-01
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.544796
SSRT090002
SSRT090053
SUSE-SU-2011:0847
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00014.html
TA09-133A
http://www.us-cert.gov/cas/techalerts/TA09-133A.html
USN-704-1
https://usn.ubuntu.com/704-1/
http://support.apple.com/kb/HT3549
http://support.avaya.com/elmodocs2/security/ASA-2009-038.htm
http://support.nortel.com/go/main.jsp?cscat=BLTNDETAIL&id=837653
http://voodoo-circle.sourceforge.net/sa/sa-20090123-01.html
http://www.ocert.org/advisories/ocert-2008-016.html
http://www.openssl.org/news/secadv_20090107.txt
http://www.vmware.com/security/advisories/VMSA-2009-0004.html
openSUSE-SU-2011:0845
http://lists.opensuse.org/opensuse-security-announce/2011-07/msg00013.html
oval:org.mitre.oval:def:6380
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6380
oval:org.mitre.oval:def:9155
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9155
Common Vulnerability Exposure (CVE) ID: CVE-2009-0021
1021533
http://www.securitytracker.com/id?1021533
33406
http://secunia.com/advisories/33406
33558
http://secunia.com/advisories/33558
33648
http://secunia.com/advisories/33648
34642
http://secunia.com/advisories/34642
ADV-2009-0042
http://www.vupen.com/english/advisories/2009/0042
RHSA-2009:0046
http://www.redhat.com/support/errata/RHSA-2009-0046.html
SSA:2009-014-03
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.531177
SUSE-SR:2009:005
http://lists.opensuse.org/opensuse-security-announce/2009-03/msg00000.html
SUSE-SR:2009:008
http://lists.opensuse.org/opensuse-security-announce/2009-04/msg00003.html
[announce] 20090108 NTP 4.2.4p6 Released
https://lists.ntp.org/pipermail/announce/2009-January/000055.html
oval:org.mitre.oval:def:10035
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A10035
CopyrightCopyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.

Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.



© 1998-2025 E-Soft Inc. Todos los derechos reservados.