Oval Definition:oval:org.mitre.oval:def:19376
Revision Date:2015-04-20Version:26
Title:HP-UX Running XNTP, Remote Denial of Service (DoS) and Execution of Arbitrary Code
Description:ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-3563
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • Criteria meets HP Security Bulletin HPSBUX02927
  • HP-UX B.11.31
  • AND filesets tests
  • NTP.INETSVCS2-BOOT version is less than C.4.2.6.0.0
  • OR NTP.NTP-AUX version is less than C.4.2.6.0.0
  • OR NTP.NTP-RUN version is less than C.4.2.6.0.0
  • OR Criteria meets HP Security Bulletin HPSBUX02758
  • HP-UX B.11.31
  • AND filesets tests
  • Networking.NET-PRG is installed
  • OR Networking.NET-RUN is installed
  • OR OS-Core.SYS-ADMIN is installed
  • OR ProgSupport.C-INC is installed
  • OR Networking.NET-RUN-64 is installed
  • OR Networking.NET2-KRN is installed
  • OR Networking.NET2-RUN is installed
  • OR Networking.NMS2-KRN is installed
  • OR OS-Core.CORE2-KRN is installed
  • OR OS-Core.SYS2-ADMIN is installed
  • AND NOT Patch PHNE_42470 is installed
    • BACK