[Forgot Password]
Login  Register Subscribe

23631

 
 

115038

 
 

95906

 
 

909

 
 

77986

 
 

109

Paid content will be excluded from the download.


Download | Alert*
OVAL

DSA-1801-1 ntp -- buffer overflows

ID: oval:org.secpod.oval:def:600324Date: (C)2011-05-13   (M)2017-10-04
Class: PATCHFamily: unix




Several remote vulnerabilities have been discovered in NTP, the Network Time Protocol reference implementation. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2009-0159 A buffer overflow in ntpq allow a remote NTP server to create a denial of service attack or to execute arbitrary code via a crafted response. CVE-2009-1252 A buffer overflow in ntpd allows a remote attacker to create a denial of service attack or to execute arbitrary code when the autokey functionality is enabled. For the old stable distribution , these problems have been fixed in version 4.2.2.p4+dfsg-2etch3. For the stable distribution , these problems have been fixed in version 4.2.4p4+dfsg-8lenny2. The unstable distribution will be fixed soon. We recommend that you upgrade your ntp package.

Platform:
Debian 5.0
Debian 4.0
Product:
ntp
Reference:
DSA-1801-1
CVE-2009-0159
CVE-2009-1252
CVE    2
CVE-2009-0159
CVE-2009-1252

© 2013 SecPod Technologies