Test ID:	1.3.6.1.4.1.25623.1.0.66515
Category:	Debian Local Security Checks
Title:	Debian: Security Advisory (DSA-1948-1)
Summary:	The remote host is missing an update for the Debian 'ntp' package(s) announced via the DSA-1948-1 advisory.
Description:	Summary: The remote host is missing an update for the Debian 'ntp' package(s) announced via the DSA-1948-1 advisory. Vulnerability Insight: Robin Park and Dmitri Vinokurov discovered that the daemon component of the ntp package, a reference implementation of the NTP protocol, is not properly reacting to certain incoming packets. An unexpected NTP mode 7 packet (MODE_PRIVATE) with spoofed IP data can lead ntpd to reply with a mode 7 response to the spoofed address. This may result in the service playing packet ping-pong with other ntp servers or even itself which causes CPU usage and excessive disk use due to logging. An attacker can use this to conduct denial of service attacks. For the oldstable distribution (etch), this problem has been fixed in version 1:4.2.2.p4+dfsg-2etch4. For the stable distribution (lenny), this problem has been fixed in version 1:4.2.4p4+dfsg-8lenny3. For the testing (squeeze) and unstable (sid) distribution, this problem will be fixed soon. We recommend that you upgrade your ntp packages. Affected Software/OS: 'ntp' package(s) on Debian 4, Debian 5. Solution: Please install the updated package(s). CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3563 AIX APAR: IZ68659 http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659 AIX APAR: IZ71047 http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047 BugTraq ID: 37255 http://www.securityfocus.com/bid/37255 CERT/CC vulnerability note: VU#417980 https://www.kb.cert.org/vuls/id/417980 CERT/CC vulnerability note: VU#568372 http://www.kb.cert.org/vuls/id/568372 Debian Security Information: DSA-1948 (Google Search) http://www.debian.org/security/2009/dsa-1948 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html HPdes Security Advisory: HPSBUX02639 http://marc.info/?l=bugtraq&m=130168580504508&w=2 HPdes Security Advisory: HPSBUX02859 http://marc.info/?l=bugtraq&m=136482797910018&w=2 HPdes Security Advisory: SSRT100293 HPdes Security Advisory: SSRT101144 https://lists.ntp.org/pipermail/announce/2009-December/000086.html http://lists.vmware.com/pipermail/security-announce/2010/000082.html NETBSD Security Advisory: NetBSD-SA2010-005 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076 RedHat Security Advisories: RHSA-2009:1648 https://rhn.redhat.com/errata/RHSA-2009-1648.html RedHat Security Advisories: RHSA-2009:1651 https://rhn.redhat.com/errata/RHSA-2009-1651.html RedHat Security Advisories: RHSA-2010:0095 https://rhn.redhat.com/errata/RHSA-2010-0095.html http://securitytracker.com/id?1023298 http://secunia.com/advisories/37629 http://secunia.com/advisories/37922 http://secunia.com/advisories/38764 http://secunia.com/advisories/38794 http://secunia.com/advisories/38832 http://secunia.com/advisories/38834 http://secunia.com/advisories/39593 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1 http://www.vupen.com/english/advisories/2010/0510 http://www.vupen.com/english/advisories/2010/0528 http://www.vupen.com/english/advisories/2010/0993
Copyright	Copyright (C) 2009 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.