Oval Definition:oval:org.mitre.oval:def:19392
Revision Date:2015-04-20Version:27
Title:HP-UX Running XNTP, Remote Denial of Service (DoS) and Execution of Arbitrary Code
Description:Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.
Family:unixClass:vulnerability
Status:ACCEPTEDReference(s):CVE-2009-0159
Platform(s):HP-UX 11
Product(s):
Definition Synopsis
  • Criteria meets HP Security Bulletin HPSBUX02927
  • HP-UX B.11.31
  • AND filesets tests
  • NTP.INETSVCS2-BOOT version is less than C.4.2.6.0.0
  • OR NTP.NTP-AUX version is less than C.4.2.6.0.0
  • OR NTP.NTP-RUN version is less than C.4.2.6.0.0
  • OR Criteria meets HP Security Bulletin HPSBUX02758
  • HP-UX B.11.31
  • AND filesets tests
  • Networking.NET-PRG is installed
  • OR Networking.NET-RUN is installed
  • OR OS-Core.SYS-ADMIN is installed
  • OR ProgSupport.C-INC is installed
  • OR Networking.NET-RUN-64 is installed
  • OR Networking.NET2-KRN is installed
  • OR Networking.NET2-RUN is installed
  • OR Networking.NMS2-KRN is installed
  • OR OS-Core.CORE2-KRN is installed
  • OR OS-Core.SYS2-ADMIN is installed
  • AND NOT Patch PHNE_42470 is installed
    • BACK