Oval Definition:	oval:org.mitre.oval:def:7379
Revision Date: 2015-02-23 Version: 21 Title: DSA-1948 ntp -- denial of service Description: Robin Park and Dmitri Vinokurov discovered that the daemon component of the ntp package, a reference implementation of the NTP protocol, is not properly reacting to certain incoming packets. An unexpected NTP mode 7 packet with spoofed IP data can lead ntpd to reply with a mode 7 response to the spoofed address. This may result in the service playing packet ping-pong with other ntp servers or even itself which causes CPU usage and excessive disk use due to logging. An attacker can use this to conduct denial of service attacks. Family: unix Class: patch Status: ACCEPTED Reference(s): CVE-2009-3563 DSA-1948 Platform(s): Debian GNU/Linux 4.0 Debian GNU/Linux 5.0 Product(s): ntp Definition Synopsis Release section Debian GNU/Linux 5.0 is installed AND Architecture section Architecture independent section Installed architecture is all AND ntp-doc is earlier than 1:4.2.4p4+dfsg-8lenny3 OR Architecture dependent section Supported architectures section Installed architecture is s390 OR Installed architecture is amd64 OR Installed architecture is arm OR Installed architecture is i386 OR Installed architecture is armel OR Installed architecture is mips OR Installed architecture is ia64 OR Installed architecture is alpha OR Installed architecture is powerpc OR Installed architecture is mipsel OR Installed architecture is hppa AND Packages section ntpdate is earlier than 1:4.2.4p4+dfsg-8lenny3 OR ntp is earlier than 1:4.2.4p4+dfsg-8lenny3 OR Release section Debian GNU/Linux 4.0 is installed. AND Architecture section Architecture independent section Installed architecture is all AND Packages section ntp-doc is earlier than 1:4.2.2.p4+dfsg-2etch4 OR ntp-simple is earlier than 1:4.2.2.p4+dfsg-2etch4 OR ntp-refclock is earlier than 1:4.2.2.p4+dfsg-2etch4 OR ntp is earlier than 1:4.2.2.p4+dfsg-2etch4 OR ntpdate is earlier than 1:4.2.2.p4+dfsg-2etch4
BACK