Lucene search
Copyright (C) 2009 Greenbone AGOPENVAS:136141256231066515HistoryDec 14, 2009 - 12:00 a.m.
Debian: Security Advisory (DSA-1948-1)
2009-12-1400:00:00
Copyright (C) 2009 Greenbone AG
plugins.openvas.org
9
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
AI Score
7.2
Confidence
High
EPSS
0.966
Percentile
99.7%
The remote host is missing an update for the Debian
# SPDX-FileCopyrightText: 2009 Greenbone AG
# Some text descriptions might be excerpted from (a) referenced
# source(s), and are Copyright (C) by the respective right holder(s).
#
# SPDX-License-Identifier: GPL-2.0-only
if(description)
{
script_oid("1.3.6.1.4.1.25623.1.0.66515");
script_cve_id("CVE-2009-3563");
script_tag(name:"creation_date", value:"2009-12-14 22:06:43 +0000 (Mon, 14 Dec 2009)");
script_version("2024-02-01T14:37:10+0000");
script_tag(name:"last_modification", value:"2024-02-01 14:37:10 +0000 (Thu, 01 Feb 2024)");
script_tag(name:"cvss_base", value:"6.4");
script_tag(name:"cvss_base_vector", value:"AV:N/AC:L/Au:N/C:N/I:P/A:P");
script_name("Debian: Security Advisory (DSA-1948-1)");
script_category(ACT_GATHER_INFO);
script_copyright("Copyright (C) 2009 Greenbone AG");
script_family("Debian Local Security Checks");
script_dependencies("gather-package-list.nasl");
script_mandatory_keys("ssh/login/debian_linux", "ssh/login/packages", re:"ssh/login/release=DEB(4|5)");
script_xref(name:"Advisory-ID", value:"DSA-1948-1");
script_xref(name:"URL", value:"https://www.debian.org/security/2009/DSA-1948-1");
script_xref(name:"URL", value:"https://security-tracker.debian.org/tracker/DSA-1948");
script_tag(name:"summary", value:"The remote host is missing an update for the Debian 'ntp' package(s) announced via the DSA-1948-1 advisory.");
script_tag(name:"vuldetect", value:"Checks if a vulnerable package version is present on the target host.");
script_tag(name:"insight", value:"Robin Park and Dmitri Vinokurov discovered that the daemon component of the ntp package, a reference implementation of the NTP protocol, is not properly reacting to certain incoming packets.
An unexpected NTP mode 7 packet (MODE_PRIVATE) with spoofed IP data can lead ntpd to reply with a mode 7 response to the spoofed address. This may result in the service playing packet ping-pong with other ntp servers or even itself which causes CPU usage and excessive disk use due to logging. An attacker can use this to conduct denial of service attacks.
For the oldstable distribution (etch), this problem has been fixed in version 1:4.2.2.p4+dfsg-2etch4.
For the stable distribution (lenny), this problem has been fixed in version 1:4.2.4p4+dfsg-8lenny3.
For the testing (squeeze) and unstable (sid) distribution, this problem will be fixed soon.
We recommend that you upgrade your ntp packages.");
script_tag(name:"affected", value:"'ntp' package(s) on Debian 4, Debian 5.");
script_tag(name:"solution", value:"Please install the updated package(s).");
script_tag(name:"solution_type", value:"VendorFix");
script_tag(name:"qod_type", value:"package");
exit(0);
}
include("revisions-lib.inc");
include("pkg-lib-deb.inc");
release = dpkg_get_ssh_release();
if(!release)
exit(0);
res = "";
report = "";
if(release == "DEB4") {
if(!isnull(res = isdpkgvuln(pkg:"ntp", ver:"1:4.2.2.p4+dfsg-2etch4", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"ntp-doc", ver:"1:4.2.2.p4+dfsg-2etch4", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"ntp-refclock", ver:"1:4.2.2.p4+dfsg-2etch4", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"ntp-simple", ver:"1:4.2.2.p4+dfsg-2etch4", rls:"DEB4"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"ntpdate", ver:"1:4.2.2.p4+dfsg-2etch4", rls:"DEB4"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
if(release == "DEB5") {
if(!isnull(res = isdpkgvuln(pkg:"ntp", ver:"1:4.2.4p4+dfsg-8lenny3", rls:"DEB5"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"ntp-doc", ver:"1:4.2.4p4+dfsg-8lenny3", rls:"DEB5"))) {
report += res;
}
if(!isnull(res = isdpkgvuln(pkg:"ntpdate", ver:"1:4.2.4p4+dfsg-8lenny3", rls:"DEB5"))) {
report += res;
}
if(report != "") {
security_message(data:report);
} else if(__pkg_match) {
exit(99);
}
exit(0);
}
exit(0);
Related
nessus
nessus
Slackware 10.0 / 10.1 / 10.2 / 11.0 / 12.0 / 12.1 / 12.2 / 13.0 / 8.1 / 9.0 / 9.1 / current : ntp (SSA:2009-343-01)
2009-12-11 00:00:00
Fedora 11 : ntp-4.2.4p7-3.fc11 (2009-13090)
2009-12-14 00:00:00
RHEL 4 / 5 : ntp (RHSA-2009:1648)
2009-12-09 00:00:00
openvas
openvas
NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability
2009-12-15 00:00:00
HP-UX Update for XNTP HPSBUX02639
2011-06-06 00:00:00
NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability
2009-12-15 00:00:00
cisco
cisco
securityvulns
securityvulns
[USN-867-1] Ntp vulnerability
2009-12-09 00:00:00
ntp server DoS
2009-12-09 00:00:00
[SECURITY] [DSA 1992-1] New chrony packages fix denial of service
2010-02-05 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-10:02.ntpd
2010-01-06 00:00:00
metasploit
metasploit
NTP.org ntpd Reserved Mode Denial of Service
2009-12-13 02:56:20
f5
f5
K10905 : NTP vulnerability - CVE-2009-3563
2013-07-05 00:00:00
SOL10905 - NTP vulnerability - CVE-2009-3563
2010-01-04 00:00:00
K000139026 : NTP vulnerability CVE-2009-3563
2024-03-25 00:00:00
redhat
redhat
(RHSA-2009:1648) Moderate: ntp security update
2009-12-08 00:00:00
(RHSA-2009:1651) Moderate: ntp security update
2009-12-08 00:00:00
(RHSA-2010:0095) Important: rhev-hypervisor security and bug fix update
2010-02-09 00:00:00
cvelist
cvelist
CVE-2009-3563
2009-12-09 00:00:00
CVE-2010-0292
2022-10-03 16:21:10
veracode
veracode
Denial Of Service (DoS)
2020-04-10 00:42:01
debian
debian
[SECURITY] [DSA 1948-1] New ntp packages fix denial of service
2009-12-08 19:07:15
[SECURITY] [DSA 1992-1] New chrony packages fix denial of service
2010-02-04 17:38:45
packetstorm
packetstorm
NTP.org ntpd Reserved Mode Denial of Service
2024-08-31 00:00:00
cert
cert
NTP mode 7 denial-of-service vulnerability
2009-12-08 00:00:00
gentoo
gentoo
NTP: Denial of service
2010-01-03 00:00:00
seebug
seebug
NTP MODE_PRIVATEζ₯ζθΏη¨ζη»ζε‘ζΌζ΄
2009-12-12 00:00:00
centos
centos
ntp security update
2009-12-08 22:33:14
ntp security update
2009-12-08 22:18:02
ubuntucve
ubuntucve
CVE-2009-3563
2009-12-08 00:00:00
CVE-2010-0292
2010-02-08 00:00:00
debiancve
debiancve
CVE-2009-3563
2009-12-09 18:30:00
CVE-2010-0292
2022-10-03 16:21:10
prion
prion
Code injection
2009-12-09 18:30:00
Sql injection
2010-02-08 20:30:00
fedora
fedora
[SECURITY] Fedora 12 Update: ntp-4.2.4p8-1.fc12
2009-12-11 18:14:28
[SECURITY] Fedora 11 Update: ntp-4.2.4p7-3.fc11
2009-12-11 18:23:49
[SECURITY] Fedora 10 Update: ntp-4.2.4p7-2.fc10
2009-12-11 18:32:53
slackware
slackware
[slackware-security] ntp
2009-12-10 08:39:43
checkpoint_advisories
checkpoint_advisories
Multiple Vendors NTP Mode 7 Denial of Service (CVE-2009-3563)
2010-02-02 00:00:00
Update Protection against Multiple Vendors NTP Mode 7 Denial of Service
2009-01-25 00:00:00
oraclelinux
oraclelinux
ntp security update
2009-12-08 00:00:00
ntp security update
2009-12-08 00:00:00
nvd
nvd
CVE-2009-3563
2009-12-09 18:30:00
CVE-2010-0292
2010-02-08 20:30:00
cve
cve
CVE-2009-3563
2009-12-09 18:30:00
CVE-2010-0292
2022-10-03 16:21:10
ubuntu
ubuntu
Ntp vulnerability
2009-12-08 00:00:00
redhatcve
redhatcve
CVE-2024-2169
2024-04-02 20:21:52
osv
osv
chrony - denial of service
2010-02-04 00:00:00
vmware
vmware
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESX Service Console and vMA third party updates
2010-03-03 00:00:00
ESXi utilities and ESX Service Console third party updates
2010-05-27 00:00:00
CVSS2
6.4
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:N/I:P/A:P
AI Score
7.2
Confidence
High
EPSS
0.966
Percentile
99.7%
Related for OPENVAS:136141256231066515