ID de Prueba:	1.3.6.1.4.1.25623.1.0.64207
Categoría:	FreeBSD Local Security Checks
Título:	FreeBSD Security Advisory (FreeBSD-SA-09:11.ntpd.asc)
Resumen:	The remote host is missing an update to the system; as announced in the referenced advisory FreeBSD-SA-09:11.ntpd.asc
Descripción:	Summary: The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:11.ntpd.asc Vulnerability Insight: The ntpd(8) daemon is an implementation of the Network Time Protocol (NTP) used to synchronize the time of a computer system to a reference time source. Autokey is a security model for authenticating Network Time Protocol (NTP) servers to clients, using public key cryptography. The ntpd(8) daemon is prone to a stack-based buffer-overflow when it is configured to use the 'autokey' security model. Solution: Upgrade your system to the appropriate stable release or security branch dated after the correction date. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-1252 BugTraq ID: 35017 http://www.securityfocus.com/bid/35017 Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search) http://www.securityfocus.com/archive/1/507985/100/0/threaded CERT/CC vulnerability note: VU#853097 http://www.kb.cert.org/vuls/id/853097 Debian Security Information: DSA-1801 (Google Search) http://www.debian.org/security/2009/dsa-1801 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01414.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01449.html https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00293.html FreeBSD Security Advisory: FreeBSD-SA-09:11 http://security.freebsd.org/advisories/FreeBSD-SA-09:11.ntpd.asc http://www.gentoo.org/security/en/glsa/glsa-200905-08.xml http://www.mandriva.com/security/advisories?name=MDVSA-2009:117 https://launchpad.net/bugs/cve/2009-1252 NETBSD Security Advisory: NetBSD-SA2009-006 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-006.txt.asc https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11231 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6307 RedHat Security Advisories: RHSA-2009:1039 http://rhn.redhat.com/errata/RHSA-2009-1039.html RedHat Security Advisories: RHSA-2009:1040 http://rhn.redhat.com/errata/RHSA-2009-1040.html http://www.securitytracker.com/id?1022243 http://secunia.com/advisories/35137 http://secunia.com/advisories/35138 http://secunia.com/advisories/35166 http://secunia.com/advisories/35169 http://secunia.com/advisories/35243 http://secunia.com/advisories/35253 http://secunia.com/advisories/35308 http://secunia.com/advisories/35336 http://secunia.com/advisories/35388 http://secunia.com/advisories/35416 http://secunia.com/advisories/35630 http://secunia.com/advisories/37470 http://secunia.com/advisories/37471 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.566238 SuSE Security Announcement: SUSE-SR:2009:011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html https://usn.ubuntu.com/777-1/ http://www.vupen.com/english/advisories/2009/1361 http://www.vupen.com/english/advisories/2009/3316
Copyright	Copyright (C) 2009 E-Soft Inc.

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.