Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:Fedora Local Security Checks
Title:Fedora Core 9 FEDORA-2009-5275 (ntp)
The remote host is missing an update to ntp
announced via advisory FEDORA-2009-5275.

Update Information:

This update fixes a denial of service issue if autokey is enabled (default is
disabled) and a crash in ntpq.


* Tue May 19 2009 Miroslav Lichvar 4.2.4p7-1.fc9
- update to 4.2.4p7 (CVE-2009-1252, CVE-2009-0159)
- don't log STA_MODE changes


[ 1 ] Bug #499694 - CVE-2009-1252 ntp: remote arbitrary code execution vulnerability if autokeys is enabled
[ 2 ] Bug #490617 - CVE-2009-0159 ntp: buffer overflow in ntpq

Solution: Apply the appropriate updates.

This update can be installed with the yum update program. Use
su -c 'yum update ntp' at the command line.
For more information, refer to Managing Software with yum,
available at

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2009-1252
BugTraq ID: 35017
Bugtraq: 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components (Google Search)
CERT/CC vulnerability note: VU#853097
Debian Security Information: DSA-1801 (Google Search)
FreeBSD Security Advisory: FreeBSD-SA-09:11
NETBSD Security Advisory: NetBSD-SA2009-006
RedHat Security Advisories: RHSA-2009:1039
RedHat Security Advisories: RHSA-2009:1040
SuSE Security Announcement: SUSE-SR:2009:011 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2009-0159
BugTraq ID: 34481
Cert/CC Advisory: TA09-133A
HPdes Security Advisory: HPSBUX02859
HPdes Security Advisory: SSRT101144
RedHat Security Advisories: RHSA-2009:1651
XForce ISS Database: ntp-cookedprint-bo(49838)
Common Vulnerability Exposure (CVE) ID: CVE-2009-0021
Bugtraq: 20090107 [oCERT-2008-016] Multiple OpenSSL signature verification API misuses (Google Search)
SuSE Security Announcement: SUSE-SR:2009:005 (Google Search)
SuSE Security Announcement: SUSE-SR:2009:008 (Google Search)
CopyrightCopyright (c) 2009 E-Soft Inc.

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2022 E-Soft Inc. All rights reserved.