Test ID:	1.3.6.1.4.1.25623.1.0.66662
Category:	FreeBSD Local Security Checks
Title:	FreeBSD Security Advisory (FreeBSD-SA-10:02.ntpd.asc)
Summary:	The remote host is missing an update to the system; as announced in the referenced advisory FreeBSD-SA-10:02.ntpd.asc
Description:	Summary: The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-10:02.ntpd.asc Vulnerability Insight: The ntpd(8) daemon is an implementation of the Network Time Protocol (NTP) used to synchronize the time of a computer system to a reference time source. If ntpd receives a mode 7 (MODE_PRIVATE) request or error response from a source address not listed in either a 'restrict ... noquery' or a 'restrict ... ignore' section it will log the even and send a mode 7 error response. Solution: Upgrade your system to the appropriate stable release or security branch dated after the correction date. CVSS Score: 6.4 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P
Cross-Ref:	Common Vulnerability Exposure (CVE) ID: CVE-2009-3563 AIX APAR: IZ68659 http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659 AIX APAR: IZ71047 http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047 BugTraq ID: 37255 http://www.securityfocus.com/bid/37255 CERT/CC vulnerability note: VU#417980 https://www.kb.cert.org/vuls/id/417980 CERT/CC vulnerability note: VU#568372 http://www.kb.cert.org/vuls/id/568372 Debian Security Information: DSA-1948 (Google Search) http://www.debian.org/security/2009/dsa-1948 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html HPdes Security Advisory: HPSBUX02639 http://marc.info/?l=bugtraq&m=130168580504508&w=2 HPdes Security Advisory: HPSBUX02859 http://marc.info/?l=bugtraq&m=136482797910018&w=2 HPdes Security Advisory: SSRT100293 HPdes Security Advisory: SSRT101144 https://lists.ntp.org/pipermail/announce/2009-December/000086.html http://lists.vmware.com/pipermail/security-announce/2010/000082.html NETBSD Security Advisory: NetBSD-SA2010-005 ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076 RedHat Security Advisories: RHSA-2009:1648 https://rhn.redhat.com/errata/RHSA-2009-1648.html RedHat Security Advisories: RHSA-2009:1651 https://rhn.redhat.com/errata/RHSA-2009-1651.html RedHat Security Advisories: RHSA-2010:0095 https://rhn.redhat.com/errata/RHSA-2010-0095.html http://securitytracker.com/id?1023298 http://secunia.com/advisories/37629 http://secunia.com/advisories/37922 http://secunia.com/advisories/38764 http://secunia.com/advisories/38794 http://secunia.com/advisories/38832 http://secunia.com/advisories/38834 http://secunia.com/advisories/39593 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1 http://www.vupen.com/english/advisories/2010/0510 http://www.vupen.com/english/advisories/2010/0528 http://www.vupen.com/english/advisories/2010/0993
Copyright	Copyright (C) 2010 E-Soft Inc.

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit. To run a free test of this vulnerability against your system, register below.