ID de Prueba:	1.3.6.1.4.1.25623.1.0.900623
Categoría:	Buffer overflow
Título:	NTP.org 'ntpd' Stack Buffer Overflow Vulnerability
Resumen:	NTP.org's reference implementation of NTP server, ntpd is prone to multiple stack buffer overflow vulnerabilities.
Descripción:	Summary: NTP.org's reference implementation of NTP server, ntpd is prone to multiple stack buffer overflow vulnerabilities. Vulnerability Insight: The flaw is due to a boundary error within the cookedprint() function in ntpq/ntpq.c while processing malicious response from a specially crafted remote time server. Vulnerability Impact: Successful exploitation will allow attackers to execute arbitrary code or to cause the application to crash. Affected Software/OS: NTPd version prior to 4.2.4p7-RC2. Solution: Update to version 4.2.4p7-RC2 or later. CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2009-0159 http://lists.apple.com/archives/security-announce/2009/May/msg00002.html BugTraq ID: 34481 http://www.securityfocus.com/bid/34481 Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search) http://www.securityfocus.com/archive/1/507985/100/0/threaded Cert/CC Advisory: TA09-133A http://www.us-cert.gov/cas/techalerts/TA09-133A.html Debian Security Information: DSA-1801 (Google Search) http://www.debian.org/security/2009/dsa-1801 https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01414.html https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01449.html http://www.gentoo.org/security/en/glsa/glsa-200905-08.xml HPdes Security Advisory: HPSBUX02859 http://marc.info/?l=bugtraq&m=136482797910018&w=2 HPdes Security Advisory: SSRT101144 http://www.mandriva.com/security/advisories?name=MDVSA-2009:092 NETBSD Security Advisory: NetBSD-SA2009-006 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-006.txt.asc http://osvdb.org/53593 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19392 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5411 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8386 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8665 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9634 RedHat Security Advisories: RHSA-2009:1039 http://rhn.redhat.com/errata/RHSA-2009-1039.html RedHat Security Advisories: RHSA-2009:1040 http://rhn.redhat.com/errata/RHSA-2009-1040.html RedHat Security Advisories: RHSA-2009:1651 https://rhn.redhat.com/errata/RHSA-2009-1651.html http://www.securitytracker.com/id?1022033 http://secunia.com/advisories/34608 http://secunia.com/advisories/35074 http://secunia.com/advisories/35137 http://secunia.com/advisories/35138 http://secunia.com/advisories/35166 http://secunia.com/advisories/35169 http://secunia.com/advisories/35253 http://secunia.com/advisories/35308 http://secunia.com/advisories/35336 http://secunia.com/advisories/35416 http://secunia.com/advisories/35630 http://secunia.com/advisories/37471 http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.566238 SuSE Security Announcement: SUSE-SR:2009:011 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html https://usn.ubuntu.com/777-1/ http://www.vupen.com/english/advisories/2009/0999 http://www.vupen.com/english/advisories/2009/1297 http://www.vupen.com/english/advisories/2009/3316 XForce ISS Database: ntp-cookedprint-bo(49838) https://exchange.xforce.ibmcloud.com/vulnerabilities/49838
Copyright	Copyright (C) 2009 Greenbone AG

Esta es sólo una de 145615 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.