Test ID: | 1.3.6.1.4.1.25623.1.0.66472 |
Category: | Red Hat Local Security Checks |
Title: | RedHat Security Advisory RHSA-2009:1648 |
Description: | Summary: The remote host is missing updates announced in advisory RHSA-2009:1648.

The Network Time Protocol (NTP) is used to synchronize a computer's time with a referenced time source.

Robin Park and Dmitri Vinokurov discovered a flaw in the way ntpd handled certain malformed NTP packets. ntpd logged information about all such packets and replied with an NTP packet that was treated as malformed when received by another ntpd. A remote attacker could use this flaw to create an NTP packet reply loop between two ntpd servers via a malformed packet with a spoofed source IP address and port, causing ntpd on those servers to use excessive amounts of CPU time and fill disk space with log messages. (CVE-2009-3563)

All ntp users are advised to upgrade to this updated package, which contains a backported patch to resolve this issue. After installing the update, the ntpd daemon will restart automatically.

Solution: Please note that this update is available via Red Hat Network. To use Red Hat Network, launch the Red Hat Update Agent with the following command: up2date

CVSS Score: 6.4

CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P |
Cross-Ref: |
Common Vulnerability Exposure (CVE) ID: CVE-2009-3563
AIX APAR: IZ68659 http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659
AIX APAR: IZ71047 http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047
BugTraq ID: 37255 http://www.securityfocus.com/bid/37255
CERT/CC vulnerability note: VU#417980 https://www.kb.cert.org/vuls/id/417980
CERT/CC vulnerability note: VU#568372 http://www.kb.cert.org/vuls/id/568372
Debian Security Information: DSA-1948 http://www.debian.org/security/2009/dsa-1948
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html
https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html
HPdes Security Advisory: HPSBUX02639 http://marc.info/?l=bugtraq&m=130168580504508&w=2
HPdes Security Advisory: HPSBUX02859 http://marc.info/?l=bugtraq&m=136482797910018&w=2
HPdes Security Advisory: SSRT100293
HPdes Security Advisory: SSRT101144
https://lists.ntp.org/pipermail/announce/2009-December/000086.html
http://lists.vmware.com/pipermail/security-announce/2010/000082.html
NETBSD Security Advisory: NetBSD-SA2010-005 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076
RedHat Security Advisories: RHSA-2009:1648 https://rhn.redhat.com/errata/RHSA-2009-1648.html
RedHat Security Advisories: RHSA-2009:1651 https://rhn.redhat.com/errata/RHSA-2009-1651.html
RedHat Security Advisories: RHSA-2010:0095 https://rhn.redhat.com/errata/RHSA-2010-0095.html
http://securitytracker.com/id?1023298
http://secunia.com/advisories/37629
http://secunia.com/advisories/37922
http://secunia.com/advisories/38764
http://secunia.com/advisories/38794
http://secunia.com/advisories/38832
http://secunia.com/advisories/38834
http://secunia.com/advisories/39593
http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1
http://www.vupen.com/english/advisories/2010/0510
http://www.vupen.com/english/advisories/2010/0528
http://www.vupen.com/english/advisories/2010/0993 |
Copyright | Copyright (C) 2009 E-Soft Inc. |