Action not permitted
Modal body text goes here.
Modal Title
Modal Body
CVE-2009-3563 (GCVE-0-2009-3563)
Vulnerability from cvelistv5 – Published: 2009-12-09 00:00 – Updated: 2024-08-07 06:31
VLAI?
EPSS
Summary
ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
Severity ?
No CVSS data available.
CWE
- n/a
Assigner
References
Date Public ?
2009-12-08 00:00
{
"containers": {
"adp": [
{
"providerMetadata": {
"dateUpdated": "2024-08-07T06:31:10.550Z",
"orgId": "af854a3a-2127-422b-91ae-364da2661108",
"shortName": "CVE"
},
"references": [
{
"name": "VU#568372",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/568372"
},
{
"name": "38832",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/38832"
},
{
"tags": [
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
},
{
"name": "oval:org.mitre.oval:def:11225",
"tags": [
"vdb-entry",
"signature",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225"
},
{
"tags": [
"x_transferred"
],
"url": "http://support.avaya.com/css/P8/documents/100071808"
},
{
"name": "38794",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/38794"
},
{
"name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
},
{
"name": "FEDORA-2009-13121",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html"
},
{
"tags": [
"x_transferred"
],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=531213"
},
{
"name": "38764",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/38764"
},
{
"tags": [
"x_transferred"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7X7V6J"
},
{
"name": "oval:org.mitre.oval:def:19376",
"tags": [
"vdb-entry",
"signature",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376"
},
{
"name": "37255",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.securityfocus.com/bid/37255"
},
{
"name": "SSRT101144",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
},
{
"name": "39593",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/39593"
},
{
"name": "IZ71047",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047"
},
{
"name": "ADV-2010-0993",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0993"
},
{
"name": "DSA-1948",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www.debian.org/security/2009/dsa-1948"
},
{
"tags": [
"x_transferred"
],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074"
},
{
"tags": [
"x_transferred"
],
"url": "http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc"
},
{
"name": "HPSBUX02639",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
},
{
"name": "1021781",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1"
},
{
"name": "IZ68659",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659"
},
{
"name": "SSRT100293",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
},
{
"tags": [
"x_transferred"
],
"url": "https://support.ntp.org/bugs/show_bug.cgi?id=1331"
},
{
"name": "oval:org.mitre.oval:def:7076",
"tags": [
"vdb-entry",
"signature",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076"
},
{
"name": "37922",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/37922"
},
{
"name": "NetBSD-SA2010-005",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc"
},
{
"name": "38834",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/38834"
},
{
"name": "FEDORA-2009-13090",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://security-tracker.debian.org/tracker/CVE-2009-3563"
},
{
"name": "1023298",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://securitytracker.com/id?1023298"
},
{
"name": "oval:org.mitre.oval:def:12141",
"tags": [
"vdb-entry",
"signature",
"x_transferred"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141"
},
{
"name": "RHSA-2009:1651",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1651.html"
},
{
"name": "37629",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "http://secunia.com/advisories/37629"
},
{
"name": "RHSA-2010:0095",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
},
{
"name": "HPSBUX02859",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
},
{
"name": "[announce] 20091208 NTP 4.2.4p8 Released",
"tags": [
"mailing-list",
"x_transferred"
],
"url": "https://lists.ntp.org/pipermail/announce/2009-December/000086.html"
},
{
"name": "ADV-2010-0510",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0510"
},
{
"name": "RHSA-2009:1648",
"tags": [
"vendor-advisory",
"x_transferred"
],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1648.html"
},
{
"tags": [
"x_transferred"
],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7X7VD7"
},
{
"name": "ADV-2010-0528",
"tags": [
"vdb-entry",
"x_transferred"
],
"url": "http://www.vupen.com/english/advisories/2010/0528"
},
{
"name": "VU#417980",
"tags": [
"third-party-advisory",
"x_transferred"
],
"url": "https://www.kb.cert.org/vuls/id/417980"
}
],
"title": "CVE Program Container"
}
],
"cna": {
"affected": [
{
"product": "n/a",
"vendor": "n/a",
"versions": [
{
"status": "affected",
"version": "n/a"
}
]
}
],
"datePublic": "2009-12-08T00:00:00.000Z",
"descriptions": [
{
"lang": "en",
"value": "ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons."
}
],
"problemTypes": [
{
"descriptions": [
{
"description": "n/a",
"lang": "en",
"type": "text"
}
]
}
],
"providerMetadata": {
"dateUpdated": "2024-03-19T21:06:04.060Z",
"orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"shortName": "mitre"
},
"references": [
{
"name": "VU#568372",
"tags": [
"third-party-advisory"
],
"url": "http://www.kb.cert.org/vuls/id/568372"
},
{
"name": "38832",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/38832"
},
{
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
},
{
"name": "oval:org.mitre.oval:def:11225",
"tags": [
"vdb-entry",
"signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225"
},
{
"url": "http://support.avaya.com/css/P8/documents/100071808"
},
{
"name": "38794",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/38794"
},
{
"name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
"tags": [
"mailing-list"
],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
},
{
"name": "FEDORA-2009-13121",
"tags": [
"vendor-advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html"
},
{
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=531213"
},
{
"name": "38764",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/38764"
},
{
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode"
},
{
"url": "http://www.kb.cert.org/vuls/id/MAPG-7X7V6J"
},
{
"name": "oval:org.mitre.oval:def:19376",
"tags": [
"vdb-entry",
"signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376"
},
{
"name": "37255",
"tags": [
"vdb-entry"
],
"url": "http://www.securityfocus.com/bid/37255"
},
{
"name": "SSRT101144",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
},
{
"name": "39593",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/39593"
},
{
"name": "IZ71047",
"tags": [
"vendor-advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047"
},
{
"name": "ADV-2010-0993",
"tags": [
"vdb-entry"
],
"url": "http://www.vupen.com/english/advisories/2010/0993"
},
{
"name": "DSA-1948",
"tags": [
"vendor-advisory"
],
"url": "http://www.debian.org/security/2009/dsa-1948"
},
{
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074"
},
{
"url": "http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc"
},
{
"name": "HPSBUX02639",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
},
{
"name": "1021781",
"tags": [
"vendor-advisory"
],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1"
},
{
"name": "IZ68659",
"tags": [
"vendor-advisory"
],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659"
},
{
"name": "SSRT100293",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
},
{
"url": "https://support.ntp.org/bugs/show_bug.cgi?id=1331"
},
{
"name": "oval:org.mitre.oval:def:7076",
"tags": [
"vdb-entry",
"signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076"
},
{
"name": "37922",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/37922"
},
{
"name": "NetBSD-SA2010-005",
"tags": [
"vendor-advisory"
],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc"
},
{
"name": "38834",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/38834"
},
{
"name": "FEDORA-2009-13090",
"tags": [
"vendor-advisory"
],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html"
},
{
"url": "http://security-tracker.debian.org/tracker/CVE-2009-3563"
},
{
"name": "1023298",
"tags": [
"vdb-entry"
],
"url": "http://securitytracker.com/id?1023298"
},
{
"name": "oval:org.mitre.oval:def:12141",
"tags": [
"vdb-entry",
"signature"
],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141"
},
{
"name": "RHSA-2009:1651",
"tags": [
"vendor-advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1651.html"
},
{
"name": "37629",
"tags": [
"third-party-advisory"
],
"url": "http://secunia.com/advisories/37629"
},
{
"name": "RHSA-2010:0095",
"tags": [
"vendor-advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
},
{
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
},
{
"name": "HPSBUX02859",
"tags": [
"vendor-advisory"
],
"url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
},
{
"name": "[announce] 20091208 NTP 4.2.4p8 Released",
"tags": [
"mailing-list"
],
"url": "https://lists.ntp.org/pipermail/announce/2009-December/000086.html"
},
{
"name": "ADV-2010-0510",
"tags": [
"vdb-entry"
],
"url": "http://www.vupen.com/english/advisories/2010/0510"
},
{
"name": "RHSA-2009:1648",
"tags": [
"vendor-advisory"
],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1648.html"
},
{
"url": "http://www.kb.cert.org/vuls/id/MAPG-7X7VD7"
},
{
"name": "ADV-2010-0528",
"tags": [
"vdb-entry"
],
"url": "http://www.vupen.com/english/advisories/2010/0528"
},
{
"name": "VU#417980",
"tags": [
"third-party-advisory"
],
"url": "https://www.kb.cert.org/vuls/id/417980"
}
]
}
},
"cveMetadata": {
"assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca",
"assignerShortName": "mitre",
"cveId": "CVE-2009-3563",
"datePublished": "2009-12-09T00:00:00.000Z",
"dateReserved": "2009-10-05T00:00:00.000Z",
"dateUpdated": "2024-08-07T06:31:10.550Z",
"state": "PUBLISHED"
},
"dataType": "CVE_RECORD",
"dataVersion": "5.1",
"vulnerability-lookup:meta": {
"nvd": "{\"cve\":{\"id\":\"CVE-2009-3563\",\"sourceIdentifier\":\"cve@mitre.org\",\"published\":\"2009-12-09T18:30:00.390\",\"lastModified\":\"2025-04-09T00:30:58.490\",\"vulnStatus\":\"Deferred\",\"cveTags\":[],\"descriptions\":[{\"lang\":\"en\",\"value\":\"ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.\"},{\"lang\":\"es\",\"value\":\"ntp_request.c en ntpd en NTP anterior v4.2.4p8, y v4.2.5, permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de CPU y ancho de banda) por uso de MODE_PRIVATE para enviar una suplantaci\u00f3n de (1) petici\u00f3n o (2) paquete respueta lo que lanza continuo intercambio de errores de respuesta MODE_PRIVATE entre dos demonios NTP.\"}],\"metrics\":{\"cvssMetricV2\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"cvssData\":{\"version\":\"2.0\",\"vectorString\":\"AV:N/AC:L/Au:N/C:N/I:P/A:P\",\"baseScore\":6.4,\"accessVector\":\"NETWORK\",\"accessComplexity\":\"LOW\",\"authentication\":\"NONE\",\"confidentialityImpact\":\"NONE\",\"integrityImpact\":\"PARTIAL\",\"availabilityImpact\":\"PARTIAL\"},\"baseSeverity\":\"MEDIUM\",\"exploitabilityScore\":10.0,\"impactScore\":4.9,\"acInsufInfo\":false,\"obtainAllPrivilege\":false,\"obtainUserPrivilege\":false,\"obtainOtherPrivilege\":false,\"userInteractionRequired\":false}]},\"weaknesses\":[{\"source\":\"nvd@nist.gov\",\"type\":\"Primary\",\"description\":[{\"lang\":\"en\",\"value\":\"NVD-CWE-Other\"}]}],\"configurations\":[{\"nodes\":[{\"operator\":\"OR\",\"negate\":false,\"cpeMatch\":[{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*\",\"versionEndIncluding\":\"4.2.2p4\",\"matchCriteriaId\":\"73B1FD64-D156-45BC-9713-77E163DF731C\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.0.72:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"25AB2D70-2807-4970-ACD3-9B4751A1F9D6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.0.73:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"06C78C19-5A09-4883-8144-AE861A244FEA\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.0.90:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"437C8BA8-F437-4166-838D-EDC64E7A67DC\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.0.91:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"104AEC97-3C2A-48D2-BA63-08502F88F8D2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.0.92:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"87D67E30-E303-4F79-9929-4A5B587FCDB7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.0.93:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B9BD95B5-322C-4CDC-A2DB-A06D4DA3B104\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.0.94:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"0BD63969-D18D-41AF-9814-DA1A207BDE80\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.0.95:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"7EAD8958-173A-4FCC-9420-A148BA5F73E2\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.0.96:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B271F6AD-D829-4671-8FA7-7D921364B426\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.0.97:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"C25E03A8-46B5-4AC7-8506-4C255D7CC400\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.0.98:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"2C76CD53-CC9F-491A-952F-9A82D6E20058\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.0.99:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"E749D64E-5C47-4A34-9F3C-1D34F8348058\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.1.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EE0C9CBB-D52F-4F7C-B343-E685A3996BC6\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.1.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"CB90A3FB-B107-46CF-A846-48EE0EDF637A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.0:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"088BFFA4-1AAB-4699-9793-F731A81B296A\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"B3475779-383A-4128-9145-474EC08030FE\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.2p1:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"782BAA3D-A639-4B25-83F0-741074C88D7F\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.2p2:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"EF367FA4-2C7F-4040-89DE-8A97A069A802\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.2p3:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"01D11498-3FC4-4890-9B10-BBA74A01C9E7\"},{\"vulnerable\":true,\"criteria\":\"cpe:2.3:a:ntp:ntp:4.2.5:*:*:*:*:*:*:*\",\"matchCriteriaId\":\"35C2B888-66D6-45D3-97E3-C711B1C6971A\"}]}]}],\"references\":[{\"url\":\"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://lists.vmware.com/pipermail/security-announce/2010/000082.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/37629\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/37922\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/38764\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/38794\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/38832\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/38834\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://secunia.com/advisories/39593\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://security-tracker.debian.org/tracker/CVE-2009-3563\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://securitytracker.com/id?1023298\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.avaya.com/css/P8/documents/100071808\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.debian.org/security/2009/dsa-1948\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/568372\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\",\"US Government Resource\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/MAPG-7X7V6J\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.kb.cert.org/vuls/id/MAPG-7X7VD7\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.securityfocus.com/bid/37255\",\"source\":\"cve@mitre.org\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0510\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0528\",\"source\":\"cve@mitre.org\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0993\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=531213\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://lists.ntp.org/pipermail/announce/2009-December/000086.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2009-1648.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2009-1651.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2010-0095.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://support.ntp.org/bugs/show_bug.cgi?id=1331\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.kb.cert.org/vuls/id/417980\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html\",\"source\":\"cve@mitre.org\"},{\"url\":\"ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://lists.vmware.com/pipermail/security-announce/2010/000082.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/37629\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/37922\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/38764\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/38794\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/38832\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/38834\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://secunia.com/advisories/39593\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://security-tracker.debian.org/tracker/CVE-2009-3563\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://securitytracker.com/id?1023298\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.avaya.com/css/P8/documents/100071808\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.debian.org/security/2009/dsa-1948\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/568372\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\",\"US Government Resource\"]},{\"url\":\"http://www.kb.cert.org/vuls/id/MAPG-7X7V6J\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.kb.cert.org/vuls/id/MAPG-7X7VD7\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.securityfocus.com/bid/37255\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\",\"tags\":[\"Patch\"]},{\"url\":\"http://www.vupen.com/english/advisories/2010/0510\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0528\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"http://www.vupen.com/english/advisories/2010/0993\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://bugzilla.redhat.com/show_bug.cgi?id=531213\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://lists.ntp.org/pipermail/announce/2009-December/000086.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2009-1648.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2009-1651.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://rhn.redhat.com/errata/RHSA-2010-0095.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://support.ntp.org/bugs/show_bug.cgi?id=1331\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.kb.cert.org/vuls/id/417980\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"},{\"url\":\"https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html\",\"source\":\"af854a3a-2127-422b-91ae-364da2661108\"}]}}"
}
}
CERTFR-2014-AVI-480
Vulnerability from certfr_avis - Published: 2014-11-13 - Updated: 2014-11-13
De multiples vulnérabilités ont été corrigées dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, une exécution de code arbitraire et un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | CTPOS versions antérieures à 6.6R2 | ||
| ESET | Security | Juniper Security Threat Response Manager versions 2012.1, 2013.1, 2013.2 | ||
| Juniper Networks | N/A | CTPView versions 4.2, 4.3, 4.4, 4.5, 4.6 | ||
| Juniper Networks | Junos Space | Junos Space jusqu'à la version 13.3 | ||
| Juniper Networks | Secure Analytics | Juniper Secure Analytics versions 2013.2, 2014.1, 2014.2 | ||
| ESET | Security | Network and Security Manager (NSM) version 2012.2 |
References
| Title | Publication Time | Tags | |||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "CTPOS versions ant\u00e9rieures \u00e0 6.6R2",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Security Threat Response Manager versions 2012.1, 2013.1, 2013.2",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
},
{
"description": "CTPView versions 4.2, 4.3, 4.4, 4.5, 4.6",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Junos Space jusqu\u0027\u00e0 la version 13.3",
"product": {
"name": "Junos Space",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Secure Analytics versions 2013.2, 2014.1, 2014.2",
"product": {
"name": "Secure Analytics",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Network and Security Manager (NSM) version 2012.2",
"product": {
"name": "Security",
"vendor": {
"name": "ESET",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2012-3158",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3158"
},
{
"name": "CVE-2010-3853",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3853"
},
{
"name": "CVE-2014-0075",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0075"
},
{
"name": "CVE-2010-3081",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3081"
},
{
"name": "CVE-2012-0789",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0789"
},
{
"name": "CVE-2012-2329",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2329"
},
{
"name": "CVE-2014-0460",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0460"
},
{
"name": "CVE-2011-4609",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4609"
},
{
"name": "CVE-2011-0421",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0421"
},
{
"name": "CVE-2012-0781",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0781"
},
{
"name": "CVE-2014-4827",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4827"
},
{
"name": "CVE-2013-1635",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1635"
},
{
"name": "CVE-2011-0216",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0216"
},
{
"name": "CVE-2013-1620",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1620"
},
{
"name": "CVE-2014-0119",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0119"
},
{
"name": "CVE-2012-2110",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2110"
},
{
"name": "CVE-2014-7186",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7186"
},
{
"name": "CVE-2009-2416",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2416"
},
{
"name": "CVE-2012-0788",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0788"
},
{
"name": "CVE-2010-4755",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4755"
},
{
"name": "CVE-2013-1775",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1775"
},
{
"name": "CVE-2009-5029",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-5029"
},
{
"name": "CVE-2011-1153",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1153"
},
{
"name": "CVE-2009-3563",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3563"
},
{
"name": "CVE-2014-0411",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0411"
},
{
"name": "CVE-2013-1643",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-1643"
},
{
"name": "CVE-2013-0791",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-0791"
},
{
"name": "CVE-2010-1646",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1646"
},
{
"name": "CVE-2014-7169",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7169"
},
{
"name": "CVE-2011-1944",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1944"
},
{
"name": "CVE-2014-0099",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0099"
},
{
"name": "CVE-2011-0010",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0010"
},
{
"name": "CVE-2011-1398",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1398"
},
{
"name": "CVE-2011-2834",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-2834"
},
{
"name": "CVE-2014-4825",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4825"
},
{
"name": "CVE-2010-4707",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4707"
},
{
"name": "CVE-2012-0882",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0882"
},
{
"name": "CVE-2009-0159",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0159"
},
{
"name": "CVE-2014-0453",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0453"
},
{
"name": "CVE-2011-0708",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0708"
},
{
"name": "CVE-2014-6271",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-6271"
},
{
"name": "CVE-2014-6277",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-6277"
},
{
"name": "CVE-2014-1568",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-1568"
},
{
"name": "CVE-2010-0830",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0830"
},
{
"name": "CVE-2010-0426",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0426"
},
{
"name": "CVE-2014-0423",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0423"
},
{
"name": "CVE-2012-2311",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2311"
},
{
"name": "CVE-2014-0224",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0224"
},
{
"name": "CVE-2014-4830",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4830"
},
{
"name": "CVE-2011-3368",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3368"
},
{
"name": "CVE-2014-2532",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-2532"
},
{
"name": "CVE-2014-4828",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4828"
},
{
"name": "CVE-2014-0095",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0095"
},
{
"name": "CVE-2010-0427",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-0427"
},
{
"name": "CVE-2014-3470",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3470"
},
{
"name": "CVE-2014-3062",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3062"
},
{
"name": "CVE-2012-0831",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0831"
},
{
"name": "CVE-2009-2414",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2414"
},
{
"name": "CVE-2012-0057",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0057"
},
{
"name": "CVE-2014-7187",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-7187"
},
{
"name": "CVE-2010-2956",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-2956"
},
{
"name": "CVE-2011-3905",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3905"
},
{
"name": "CVE-2014-4833",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4833"
},
{
"name": "CVE-2011-4566",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4566"
},
{
"name": "CVE-2014-0837",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0837"
},
{
"name": "CVE-2010-4008",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4008"
},
{
"name": "CVE-2014-6278",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-6278"
},
{
"name": "CVE-2012-1172",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-1172"
},
{
"name": "CVE-2014-0076",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0076"
},
{
"name": "CVE-2010-1163",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-1163"
},
{
"name": "CVE-2011-4317",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4317"
},
{
"name": "CVE-2011-4885",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-4885"
},
{
"name": "CVE-2010-5107",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-5107"
},
{
"name": "CVE-2009-1265",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1265"
},
{
"name": "CVE-2010-3316",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3316"
},
{
"name": "CVE-2012-3510",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-3510"
},
{
"name": "CVE-2011-5000",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-5000"
},
{
"name": "CVE-2010-3435",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-3435"
},
{
"name": "CVE-2011-3919",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-3919"
},
{
"name": "CVE-2012-2337",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2337"
},
{
"name": "CVE-2011-1089",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-1089"
},
{
"name": "CVE-2014-0096",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-0096"
},
{
"name": "CVE-2013-5908",
"url": "https://www.cve.org/CVERecord?id=CVE-2013-5908"
},
{
"name": "CVE-2014-3091",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3091"
},
{
"name": "CVE-2012-2131",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2131"
}
],
"initial_release_date": "2014-11-13T00:00:00",
"last_revision_date": "2014-11-13T00:00:00",
"links": [],
"reference": "CERTFR-2014-AVI-480",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2014-11-13T00:00:00.000000"
}
],
"risks": [
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
},
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eJuniper\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, une\nex\u00e9cution de code arbitraire et un d\u00e9ni de service \u00e0 distance.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10661 du 11 novembre 2014",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10661"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10657 du 11 novembre 2014",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10657"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10658 du 11 novembre 2014",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10658"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10659 du 11 novembre 2014",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10659"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10660 du 11 novembre 2014",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10660"
}
]
}
CERTA-2010-AVI-106
Vulnerability from certfr_avis - Published: 2010-03-04 - Updated: 2010-03-04
Plusieurs vulnérabilités découvertes dans les produits VMware peuvent être exploitées à distance par un utilisateur malintentionné afin de compromettre le système ou d'entraver son bon fonctionnement.
Description
Les vulnérabilités présentes dans les produits VMware peuvent être exploitées afin de porter atteinte à l'intégrité et à la confidentialité des données, de réaliser un déni de service, d'injecter et d'exécuter indirectement du code arbitraire, d'élever ses privilèges ou d'exécuter du code arbitraire.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "VMware vMA 4.0 sans le patch 3.",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESX 3.0.3 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESX 3.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESX 2.5.5 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
},
{
"description": "VMware ESX 4.0 sans les patchs SX400-201002404-SG, SX400-201002406-SG, SX400-201002407-SG ;",
"product": {
"name": "N/A",
"vendor": {
"name": "VMware",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nLes vuln\u00e9rabilit\u00e9s pr\u00e9sentes dans les produits VMware peuvent \u00eatre\nexploit\u00e9es afin de porter atteinte \u00e0 l\u0027int\u00e9grit\u00e9 et \u00e0 la confidentialit\u00e9\ndes donn\u00e9es, de r\u00e9aliser un d\u00e9ni de service, d\u0027injecter et d\u0027ex\u00e9cuter\nindirectement du code arbitraire, d\u0027\u00e9lever ses privil\u00e8ges ou d\u0027ex\u00e9cuter\ndu code arbitraire.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2009-2905",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2905"
},
{
"name": "CVE-2009-1387",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1387"
},
{
"name": "CVE-2009-3560",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3560"
},
{
"name": "CVE-2009-2849",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2849"
},
{
"name": "CVE-2009-3916",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3916"
},
{
"name": "CVE-2009-0115",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0115"
},
{
"name": "CVE-2009-1379",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1379"
},
{
"name": "CVE-2009-3613",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3613"
},
{
"name": "CVE-2009-4022",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-4022"
},
{
"name": "CVE-2009-3563",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3563"
},
{
"name": "CVE-2009-3620",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3620"
},
{
"name": "CVE-2009-1189",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1189"
},
{
"name": "CVE-2009-3228",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3228"
},
{
"name": "CVE-2009-3547",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3547"
},
{
"name": "CVE-2009-2695",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2695"
},
{
"name": "CVE-2008-4316",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4316"
},
{
"name": "CVE-2009-1378",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1378"
},
{
"name": "CVE-2008-3916",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-3916"
},
{
"name": "CVE-2009-1386",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1386"
},
{
"name": "CVE-2009-1377",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-1377"
},
{
"name": "CVE-2009-0590",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0590"
},
{
"name": "CVE-2009-3286",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3286"
},
{
"name": "CVE-2008-4552",
"url": "https://www.cve.org/CVERecord?id=CVE-2008-4552"
},
{
"name": "CVE-2009-3612",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3612"
},
{
"name": "CVE-2009-3621",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3621"
},
{
"name": "CVE-2009-3720",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3720"
},
{
"name": "CVE-2009-2904",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2904"
},
{
"name": "CVE-2009-2908",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-2908"
},
{
"name": "CVE-2009-3726",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3726"
}
],
"initial_release_date": "2010-03-04T00:00:00",
"last_revision_date": "2010-03-04T00:00:00",
"links": [],
"reference": "CERTA-2010-AVI-106",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2010-03-04T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "Plusieurs vuln\u00e9rabilit\u00e9s d\u00e9couvertes dans les produits VMware peuvent\n\u00eatre exploit\u00e9es \u00e0 distance par un utilisateur malintentionn\u00e9 afin de\ncompromettre le syst\u00e8me ou d\u0027entraver son bon fonctionnement.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits VMware",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 VMware du 03 mars 2010",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
}
]
}
CERTFR-2015-AVI-146
Vulnerability from certfr_avis - Published: 2015-04-13 - Updated: 2015-04-13
De multiples vulnérabilités ont été corrigées dans les produits Juniper. Certaines d'entre elles permettent à un attaquant de provoquer une exécution de code arbitraire à distance, un déni de service à distance et un déni de service.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Juniper Networks | N/A | Juniper NSM versions antérieures à 2012.2R12 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 12.3R9 | ||
| Juniper Networks | N/A | Juniper CTPOS versions antérieures à 6.6R5 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 12.2X50-D70 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 11.4R12 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 13.2X51-D30 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 12.3R7 | ||
| Juniper Networks | N/A | Juniper NSM versions antérieures à 2012.2R11 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 12.3R10 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 13.2R6 | ||
| Juniper Networks | N/A | Juniper CTPView versions antérieures à 7.1R1 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 13.3R6 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 14.2R1 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 12.3X48-D10 | ||
| Juniper Networks | N/A | Juniper CTPOS versions antérieures à 7.0R4 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 14.1X53-D10 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 12.1X46-D35 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 12.1X47-D25 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 14.1R5 | ||
| Juniper Networks | N/A | Juniper CTPOS versions antérieures à 7.1R1 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 12.1X44-D50 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 13.3R5 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 13.2X52-D15 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 14.1R3 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 14.2R3 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 13.2R8 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 12.2R9 | ||
| Juniper Networks | Junos OS | Juniper Junos OS versions antérieures à 13.1X50-D30 | ||
| Juniper Networks | N/A | Juniper IDP OS versions antérieures à 5.1r4 |
References
| Title | Publication Time | Tags | |||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "Juniper NSM versions ant\u00e9rieures \u00e0 2012.2R12",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.3R9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper CTPOS versions ant\u00e9rieures \u00e0 6.6R5",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.2X50-D70",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 11.4R12",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 13.2X51-D30",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.3R7",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper NSM versions ant\u00e9rieures \u00e0 2012.2R11",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.3R10",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 13.2R6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper CTPView versions ant\u00e9rieures \u00e0 7.1R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 13.3R6",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 14.2R1",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.3X48-D10",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper CTPOS versions ant\u00e9rieures \u00e0 7.0R4",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 14.1X53-D10",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.1X46-D35",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.1X47-D25",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 14.1R5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper CTPOS versions ant\u00e9rieures \u00e0 7.1R1",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.1X44-D50",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 13.3R5",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 13.2X52-D15",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 14.1R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 14.2R3",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 13.2R8",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 12.2R9",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper Junos OS versions ant\u00e9rieures \u00e0 13.1X50-D30",
"product": {
"name": "Junos OS",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
},
{
"description": "Juniper IDP OS versions ant\u00e9rieures \u00e0 5.1r4",
"product": {
"name": "N/A",
"vendor": {
"name": "Juniper Networks",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2015-0208",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0208"
},
{
"name": "CVE-2015-0292",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0292"
},
{
"name": "CVE-2014-3571",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3571"
},
{
"name": "CVE-2015-0286",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0286"
},
{
"name": "CVE-2015-3002",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3002"
},
{
"name": "CVE-2014-3570",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3570"
},
{
"name": "CVE-2015-3004",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3004"
},
{
"name": "CVE-2009-3563",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3563"
},
{
"name": "CVE-2015-0288",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0288"
},
{
"name": "CVE-2015-0206",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0206"
},
{
"name": "CVE-2015-0290",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0290"
},
{
"name": "CVE-2014-6271",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-6271"
},
{
"name": "CVE-2012-5195",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-5195"
},
{
"name": "CVE-2011-0539",
"url": "https://www.cve.org/CVERecord?id=CVE-2011-0539"
},
{
"name": "CVE-2015-0207",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0207"
},
{
"name": "CVE-2010-4478",
"url": "https://www.cve.org/CVERecord?id=CVE-2010-4478"
},
{
"name": "CVE-2015-0285",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0285"
},
{
"name": "CVE-2014-4478",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-4478"
},
{
"name": "CVE-2015-3003",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3003"
},
{
"name": "CVE-2012-0814",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-0814"
},
{
"name": "CVE-2015-0204",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0204"
},
{
"name": "CVE-2015-0293",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0293"
},
{
"name": "CVE-2015-0287",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0287"
},
{
"name": "CVE-2015-1787",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-1787"
},
{
"name": "CVE-2014-8275",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8275"
},
{
"name": "CVE-2015-0205",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0205"
},
{
"name": "CVE-2015-0209",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0209"
},
{
"name": "CVE-2015-0291",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0291"
},
{
"name": "CVE-2015-0289",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-0289"
},
{
"name": "CVE-2014-3572",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3572"
},
{
"name": "CVE-2014-3569",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-3569"
},
{
"name": "CVE-2015-3005",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3005"
},
{
"name": "CVE-2014-8500",
"url": "https://www.cve.org/CVERecord?id=CVE-2014-8500"
},
{
"name": "CVE-2012-2131",
"url": "https://www.cve.org/CVERecord?id=CVE-2012-2131"
},
{
"name": "CVE-2015-3006",
"url": "https://www.cve.org/CVERecord?id=CVE-2015-3006"
}
],
"initial_release_date": "2015-04-13T00:00:00",
"last_revision_date": "2015-04-13T00:00:00",
"links": [],
"reference": "CERTFR-2015-AVI-146",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2015-04-13T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
},
{
"description": "Ex\u00e9cution de code arbitraire \u00e0 distance"
},
{
"description": "Atteinte \u00e0 l\u0027int\u00e9grit\u00e9 des donn\u00e9es"
},
{
"description": "Injection de code indirecte \u00e0 distance"
},
{
"description": "D\u00e9ni de service"
},
{
"description": "Contournement de la politique de s\u00e9curit\u00e9"
},
{
"description": "Atteinte \u00e0 la confidentialit\u00e9 des donn\u00e9es"
},
{
"description": "\u00c9l\u00e9vation de privil\u00e8ges"
}
],
"summary": "De multiples vuln\u00e9rabilit\u00e9s ont \u00e9t\u00e9 corrig\u00e9es dans les produits \u003cspan\nclass=\"textit\"\u003eJuniper\u003c/span\u003e. Certaines d\u0027entre elles permettent \u00e0 un\nattaquant de provoquer une ex\u00e9cution de code arbitraire \u00e0 distance, un\nd\u00e9ni de service \u00e0 distance et un d\u00e9ni de service.\n",
"title": "Multiples vuln\u00e9rabilit\u00e9s dans les produits Juniper",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10679 du 07 avril 2015",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10679"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10676 du 07 avril 2015",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10676"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10673 du 07 avril 2015",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10672 du 07 avril 2015",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10672"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10680 du 07 avril 2015",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10680"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10677 du 07 avril 2015",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10677"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10678 du 07 avril 2015",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10678"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10675 du 07 avril 2015",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10675"
},
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Juniper JSA10674 du 07 avril 2015",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10674"
}
]
}
CERTFR-2023-AVI-0553
Vulnerability from certfr_avis - Published: 2023-07-17 - Updated: 2023-07-17
Une vulnérabilité a été découverte dans les commutateurs Moxa. Elle permet à un attaquant de provoquer un déni de service à distance.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
| Vendor | Product | Description | ||
|---|---|---|---|---|
| Moxa | N/A | séries PT-7728 versions 3.8 et antérieures sans le dernier correctif de sécurité | ||
| Moxa | N/A | séries PT-G7828 versions 6.2 et antérieures sans le dernier correctif de sécurité | ||
| Moxa | N/A | séries PT-7828 versions 3.9 et antérieures sans le dernier correctif de sécurité | ||
| Moxa | N/A | séries PT-508 versions 3.8 et antérieures sans le dernier correctif de sécurité | ||
| Moxa | N/A | séries MDS-G4012 versions 1.2 et antérieures sans le dernier correctif de sécurité |
References
| Title | Publication Time | Tags | |||
|---|---|---|---|---|---|
|
|||||
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "s\u00e9ries PT-7728 versions 3.8 et ant\u00e9rieures sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "s\u00e9ries PT-G7828 versions 6.2 et ant\u00e9rieures sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "s\u00e9ries PT-7828 versions 3.9 et ant\u00e9rieures sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "s\u00e9ries PT-508 versions 3.8 et ant\u00e9rieures sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
},
{
"description": "s\u00e9ries MDS-G4012 versions 1.2 et ant\u00e9rieures sans le dernier correctif de s\u00e9curit\u00e9",
"product": {
"name": "N/A",
"vendor": {
"name": "Moxa",
"scada": true
}
}
}
],
"affected_systems_content": null,
"content": "## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2009-3563",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3563"
}
],
"initial_release_date": "2023-07-17T00:00:00",
"last_revision_date": "2023-07-17T00:00:00",
"links": [],
"reference": "CERTFR-2023-AVI-0553",
"revisions": [
{
"description": "Version initiale",
"revision_date": "2023-07-17T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 a \u00e9t\u00e9 d\u00e9couverte dans les commutateurs Moxa. Elle\npermet \u00e0 un attaquant de provoquer un d\u00e9ni de service \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans les commutateurs Moxa",
"vendor_advisories": [
{
"published_at": null,
"title": "Bulletin de s\u00e9curit\u00e9 Moxa MPSA-230307 du 13 juillet 2023",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230307-multiple-switch-series-affected-by-ntp-denial-of-service-vulnerability"
}
]
}
CERTA-2010-AVI-002
Vulnerability from certfr_avis - Published: 2010-01-07 - Updated: 2010-10-06
Une vulnérabilité dans NTPD permet à un utilisateur d'effectuer un déni de service à distance.
Description
Une vulnérabilité dans NTPD permet à un utilisateur d'effectuer un déni de service à distance en envoyant un paquet UDP spécialement construit.
Solution
Se référer au bulletin de sécurité de l'éditeur pour l'obtention des correctifs (cf. section Documentation).
NoneImpacted products
References
| Title | Publication Time | Tags | |
|---|---|---|---|
{
"$ref": "https://www.cert.ssi.gouv.fr/openapi.json",
"affected_systems": [
{
"description": "NTPD versions ant\u00e9rieures \u00e0 4.2.4p8 ;",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
},
{
"description": "NTPD versions ant\u00e9rieures \u00e0 4.2.6.",
"product": {
"name": "N/A",
"vendor": {
"name": "N/A",
"scada": false
}
}
}
],
"affected_systems_content": null,
"content": "## Description\n\nUne vuln\u00e9rabilit\u00e9 dans NTPD permet \u00e0 un utilisateur d\u0027effectuer un d\u00e9ni\nde service \u00e0 distance en envoyant un paquet UDP sp\u00e9cialement construit.\n\n## Solution\n\nSe r\u00e9f\u00e9rer au bulletin de s\u00e9curit\u00e9 de l\u0027\u00e9diteur pour l\u0027obtention des\ncorrectifs (cf. section Documentation).\n",
"cves": [
{
"name": "CVE-2009-3563",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3563"
}
],
"initial_release_date": "2010-01-07T00:00:00",
"last_revision_date": "2010-10-06T00:00:00",
"links": [
{
"title": "Bulletin de s\u00e9curit\u00e9 HP #c01961959 du 23 mars 2010 :",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document/.jsp?objectID=c01961959"
},
{
"title": "Bulletin de s\u00e9curit\u00e9 HP Tru64 UNIX c01961950 du 04 octobre 2010 :",
"url": "http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c01961950"
}
],
"reference": "CERTA-2010-AVI-002",
"revisions": [
{
"description": "version initiale.",
"revision_date": "2010-01-07T00:00:00.000000"
},
{
"description": "ajout de la r\u00e9f\u00e9rence au bulletin de s\u00e9curit\u00e9 HP.",
"revision_date": "2010-03-26T00:00:00.000000"
},
{
"description": "Ajout du bulletin de s\u00e9curit\u00e9 HP Tru64 UNIX.",
"revision_date": "2010-10-06T00:00:00.000000"
}
],
"risks": [
{
"description": "D\u00e9ni de service \u00e0 distance"
}
],
"summary": "Une vuln\u00e9rabilit\u00e9 dans NTPD permet \u00e0 un utilisateur d\u0027effectuer un d\u00e9ni\nde service \u00e0 distance.\n",
"title": "Vuln\u00e9rabilit\u00e9 dans NTPD",
"vendor_advisories": [
{
"published_at": null,
"title": "Rapport de bogue #1331 de NTP du 31 d\u00e9cembre 2009",
"url": "http://support.ntp.org/bugs/show_bug.cgi?id=1331"
}
]
}
VAR-200912-0769
Vulnerability from variot - Updated: 2026-03-07 20:12ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons. A novel traffic-loop vulnerability has been identified against certain implementations of UDP-based applications protocols. An unauthenticated attacker can use maliciously-crafted packets against a UDP-based vulnerable implementation of application protocols (e.g., DNS, NTP, TFTP) that can lead to Denial-of-Service (DOS) and/or abuse of resources.CVE-2009-3563 Unknown CVE-2024-1309 Unknown CVE-2024-2169 AffectedCVE-2009-3563 Unknown CVE-2024-1309 Unknown CVE-2024-2169 Affected. NTP for, mode 7 A vulnerability exists due to packet processing. NTP Then "restrict ... noquery" or "restrict ... ignore" There are no restrictions due to the settings of IP From the address, an invalid mode 7 request or mode 7 If you receive an error response, mode 7 Returns and logs the error message. NTP The sender address was spoofed. mode 7 A vulnerability exists due to packet processing.Service operation obstruction by a remote third party (DoS) You may be attacked. NTP is prone to a remote denial-of-service vulnerability because it fails to properly handle certain incoming network packets. An attacker can exploit this issue to cause the application to consume excessive CPU resources and fill disk space with log messages.
References:
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563
Updated Packages:
Mandriva Linux 2008.0: 7377623e9f89c5f6f6cc7af577974458 2008.0/i586/ntp-4.2.4-10.3mdv2008.0.i586.rpm 977fdaf289c9eff53fb6d563b8a60ede 2008.0/i586/ntp-client-4.2.4-10.3mdv2008.0.i586.rpm e2701dc192a578b141f9408d355522b6 2008.0/i586/ntp-doc-4.2.4-10.3mdv2008.0.i586.rpm 167e3a9dbf1bd10fd576e6a91a2cbc10 2008.0/SRPMS/ntp-4.2.4-10.3mdv2008.0.src.rpm
Mandriva Linux 2008.0/X86_64: 4fa28ef04548ded3dc604ea61a671cc5 2008.0/x86_64/ntp-4.2.4-10.3mdv2008.0.x86_64.rpm b79353be7c2da1fadf3bc55c2c06a6a6 2008.0/x86_64/ntp-client-4.2.4-10.3mdv2008.0.x86_64.rpm c93dd45fc32ece044874c09aac85ce66 2008.0/x86_64/ntp-doc-4.2.4-10.3mdv2008.0.x86_64.rpm 167e3a9dbf1bd10fd576e6a91a2cbc10 2008.0/SRPMS/ntp-4.2.4-10.3mdv2008.0.src.rpm
Mandriva Linux 2009.0: 6a38837b845970b62520f48273362485 2009.0/i586/ntp-4.2.4-18.5mdv2009.0.i586.rpm 4f9d98a186c4ca4348f8296fde0bf174 2009.0/i586/ntp-client-4.2.4-18.5mdv2009.0.i586.rpm 0ae26de5f1bddba4c2718a55463d94b7 2009.0/i586/ntp-doc-4.2.4-18.5mdv2009.0.i586.rpm 45b55bdbde84289b20e295b9dbf188fb 2009.0/SRPMS/ntp-4.2.4-18.5mdv2009.0.src.rpm
Mandriva Linux 2009.0/X86_64: e31f3f71e730e5777d9832cd76430b17 2009.0/x86_64/ntp-4.2.4-18.5mdv2009.0.x86_64.rpm 67a998da616d287fe9e15092bbd45ff6 2009.0/x86_64/ntp-client-4.2.4-18.5mdv2009.0.x86_64.rpm ab02dd7a3457f0ba75248390827c69a4 2009.0/x86_64/ntp-doc-4.2.4-18.5mdv2009.0.x86_64.rpm 45b55bdbde84289b20e295b9dbf188fb 2009.0/SRPMS/ntp-4.2.4-18.5mdv2009.0.src.rpm
Mandriva Linux 2009.1: b6597f0ee96ec99c7ddbe5e18a588e48 2009.1/i586/ntp-4.2.4-22.3mdv2009.1.i586.rpm 069667f851886c39daa0309a5e920619 2009.1/i586/ntp-client-4.2.4-22.3mdv2009.1.i586.rpm 9d5b87f008f00ad30b3c652e5f62eea2 2009.1/i586/ntp-doc-4.2.4-22.3mdv2009.1.i586.rpm e2686dd1237f529bb08f2837052fb46f 2009.1/SRPMS/ntp-4.2.4-22.3mdv2009.1.src.rpm
Mandriva Linux 2009.1/X86_64: e88121b38c942c572b61ba7631130104 2009.1/x86_64/ntp-4.2.4-22.3mdv2009.1.x86_64.rpm c10eaf7ecbeb3b5db5eac978cb2ae78e 2009.1/x86_64/ntp-client-4.2.4-22.3mdv2009.1.x86_64.rpm 8ff34e79ed1f88fa2e7b7e8030232a30 2009.1/x86_64/ntp-doc-4.2.4-22.3mdv2009.1.x86_64.rpm e2686dd1237f529bb08f2837052fb46f 2009.1/SRPMS/ntp-4.2.4-22.3mdv2009.1.src.rpm
Mandriva Linux 2010.0: 2913258a9be65654a3ce5e16c1bd5b25 2010.0/i586/ntp-4.2.4-27.1mdv2010.0.i586.rpm 90cf8d7f8fb468461f8b8baf7d97daa4 2010.0/i586/ntp-client-4.2.4-27.1mdv2010.0.i586.rpm 0b8527559ef05049461cea2f5a83bd6d 2010.0/i586/ntp-doc-4.2.4-27.1mdv2010.0.i586.rpm 7bbd4271086ace434dd8a958bc7c2488 2010.0/SRPMS/ntp-4.2.4-27.1mdv2010.0.src.rpm
Mandriva Linux 2010.0/X86_64: 2e938e58d48f3f581ffaab085dacc1f2 2010.0/x86_64/ntp-4.2.4-27.1mdv2010.0.x86_64.rpm cde3421867c549169751f2964420a578 2010.0/x86_64/ntp-client-4.2.4-27.1mdv2010.0.x86_64.rpm d9799e7286a49420699d3995e8bc1e47 2010.0/x86_64/ntp-doc-4.2.4-27.1mdv2010.0.x86_64.rpm 7bbd4271086ace434dd8a958bc7c2488 2010.0/SRPMS/ntp-4.2.4-27.1mdv2010.0.src.rpm
Corporate 3.0: 65dda36544e7a43175abfd64aa725b34 corporate/3.0/i586/ntp-4.2.0-2.4.C30mdk.i586.rpm a485cad0631598335af0e89ea399ff9d corporate/3.0/SRPMS/ntp-4.2.0-2.4.C30mdk.src.rpm
Corporate 3.0/X86_64: 44130a38552f20b3f34d176c47aa5aab corporate/3.0/x86_64/ntp-4.2.0-2.4.C30mdk.x86_64.rpm a485cad0631598335af0e89ea399ff9d corporate/3.0/SRPMS/ntp-4.2.0-2.4.C30mdk.src.rpm
Corporate 4.0: a2f5a598865d390f7c537fc9e1a9a758 corporate/4.0/i586/ntp-4.2.0-21.7.20060mlcs4.i586.rpm f7eb3884bc0aa71f8237d9500d24489e corporate/4.0/i586/ntp-client-4.2.0-21.7.20060mlcs4.i586.rpm d2ed46d981570f66763f85c822b14179 corporate/4.0/SRPMS/ntp-4.2.0-21.7.20060mlcs4.src.rpm
Corporate 4.0/X86_64: 1bd4395c9c80b583bad4ce5085c0d557 corporate/4.0/x86_64/ntp-4.2.0-21.7.20060mlcs4.x86_64.rpm 95f812f672cf79fccee411154c23d6ee corporate/4.0/x86_64/ntp-client-4.2.0-21.7.20060mlcs4.x86_64.rpm d2ed46d981570f66763f85c822b14179 corporate/4.0/SRPMS/ntp-4.2.0-21.7.20060mlcs4.src.rpm
Mandriva Enterprise Server 5: 16e3975f3e4bb9a830eb1e8166f2fec7 mes5/i586/ntp-4.2.4-18.5mdvmes5.i586.rpm 2af9623d6f3685d54dd4db31f9622f7a mes5/i586/ntp-client-4.2.4-18.5mdvmes5.i586.rpm 5abb771d456b4094d123c5cf24701aee mes5/i586/ntp-doc-4.2.4-18.5mdvmes5.i586.rpm 086a05988392a6602c023f4e453bcc32 mes5/SRPMS/ntp-4.2.4-18.5mdvmes5.src.rpm
Mandriva Enterprise Server 5/X86_64: 9b40b186bf9ebeb70c1350f9a158ac92 mes5/x86_64/ntp-4.2.4-18.5mdvmes5.x86_64.rpm f4a42229dc9b408b04f0c83aa3a25720 mes5/x86_64/ntp-client-4.2.4-18.5mdvmes5.x86_64.rpm 2022447e5d9dbf6ee1a6e594935b1d04 mes5/x86_64/ntp-doc-4.2.4-18.5mdvmes5.x86_64.rpm 086a05988392a6602c023f4e453bcc32 mes5/SRPMS/ntp-4.2.4-18.5mdvmes5.src.rpm
Multi Network Firewall 2.0: 56a2596fd513295f0700508c08a6a3da mnf/2.0/i586/ntp-4.2.0-2.4.C30mdk.i586.rpm f8218643f02c3168e0331852630835a0 mnf/2.0/SRPMS/ntp-4.2.0-2.4.C30mdk.src.rpm
To upgrade automatically use MandrivaUpdate or urpmi. The verification of md5 checksums and GPG signatures is performed automatically for you.
All packages are signed by Mandriva for security. You can obtain the GPG public key of the Mandriva Security Team by executing:
gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98
You can view other update advisories for Mandriva Linux at:
http://www.mandriva.com/security/advisories
If you want to report vulnerabilities, please contact
security_(at)_mandriva.com
Type Bits/KeyID Date User ID pub 1024D/22458A98 2000-07-10 Mandriva Security Team -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (GNU/Linux)
iD8DBQFLHtsAmqjQ0CJFipgRAi1pAKDUH87qI312n3XHGnl4TgVNC+IuvACbBhUw nLO5FqSyfvZaqSNZ93vTSUw= =XCg1 -----END PGP SIGNATURE----- . -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
VMware Security Advisory
Advisory ID: VMSA-2010-0004 Synopsis: ESX Service Console and vMA third party updates Issue date: 2010-03-03 Updated on: 2010-03-03 (initial release of advisory) CVE numbers: CVE-2009-2905 CVE-2008-4552 CVE-2008-4316 CVE-2009-1377 CVE-2009-1378 CVE-2009-1379 CVE-2009-1386 CVE-2009-1387 CVE-2009-0590 CVE-2009-4022 CVE-2009-3560 CVE-2009-3720 CVE-2009-2904 CVE-2009-3563 CVE-2009-2695 CVE-2009-2849 CVE-2009-2695 CVE-2009-2908 CVE-2009-3228 CVE-2009-3286 CVE-2009-3547 CVE-2009-3613 CVE-2009-3612 CVE-2009-3620 CVE-2009-3621 CVE-2009-3726 CVE-2008-3916 CVE-2009-1189 CVE-2009-0115
- Summary
ESX Service Console updates for newt, nfs-utils, and glib2 packages.
vMA updates for newt, nfs-util, glib2, kpartx, libvolume-id, device-mapper-multipath, fipscheck, dbus, dbus-libs, ed, openssl, bind, expat, openssh, ntp and kernel packages.
- Relevant releases
VMware ESX 4.0.0 without patch ESX400-201002404-SG, ESX400-201002407-SG, ESX400-201002406-SG
VMware vMA 4.0 before patch 3
- Problem Description
a. vMA and Service Console update for newt to 0.52.2-12.el5_4.1
Newt is a programming library for color text mode, widget based
user interfaces. Newt can be used to add stacked windows, entry
widgets, checkboxes, radio buttons, labels, plain text fields,
scrollbars, etc., to text mode user interfaces.
A heap-based buffer overflow flaw was found in the way newt
processes content that is to be displayed in a text dialog box.
A local attacker could issue a specially-crafted text dialog box
display request (direct or via a custom application), leading to a
denial of service (application crash) or, potentially, arbitrary
code execution with the privileges of the user running the
application using the newt library.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2905 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.0 ESX ESX400-201002406-SG
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 2.5.5 ESX not affected
vMA 4.0 RHEL5 Patch 3
- hosted products are VMware Workstation, Player, ACE, Server, Fusion.
b. vMA and Service Console update for vMA package nfs-utils to 1.0.9-42.el5
The nfs-utils package provides a daemon for the kernel NFS server
and related tools.
It was discovered that nfs-utils did not use tcp_wrappers
correctly. Certain hosts access rules defined in "/etc/hosts.allow"
and "/etc/hosts.deny" may not have been honored, possibly allowing
remote attackers to bypass intended access restrictions.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2008-4552 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.0 ESX ESX400-201002407-SG
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 2.5.5 ESX not affected
vMA 4.0 RHEL5 Patch 3
- hosted products are VMware Workstation, Player, ACE, Server, Fusion.
c. vMA and Service Console package glib2 updated to 2.12.3-4.el5_3.1
GLib is the low-level core library that forms the basis for projects
such as GTK+ and GNOME. It provides data structure handling for C, portability wrappers, and interfaces for such runtime functionality as an event loop, threads, dynamic loading, and an object system.
Multiple integer overflows in glib/gbase64.c in GLib before 2.20
allow context-dependent attackers to execute arbitrary code via a
long string that is converted either from or to a base64
representation.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2008-4316 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.0 ESX ESX400-201002404-SG
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 2.5.5 ESX not affected
vMA 4.0 RHEL5 Patch 3
- hosted products are VMware Workstation, Player, ACE, Server, Fusion.
d. vMA and Service Console update for openssl to 0.9.8e-12.el5
SSL is a toolkit implementing SSL v2/v3 and TLS protocols with full-
strength cryptography world-wide.
Multiple denial of service flaws were discovered in OpenSSL's DTLS
implementation. A remote attacker could use these flaws to cause a
DTLS server to use excessive amounts of memory, or crash on an
invalid memory access or NULL pointer dereference.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the names CVE-2009-1377, CVE-2009-1378,
CVE-2009-1379, CVE-2009-1386, CVE-2009-1387 to these issues.
An input validation flaw was found in the handling of the BMPString
and UniversalString ASN1 string types in OpenSSL's
ASN1_STRING_print_ex() function. An attacker could use this flaw to
create a specially-crafted X.509 certificate that could cause
applications using the affected function to crash when printing
certificate contents.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-0590 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.0 ESX affected, patch pending
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 2.5.5 ESX not affected
vMA 4.0 RHEL5 Patch 3
- hosted products are VMware Workstation, Player, ACE, Server, Fusion.
e. vMA and Service Console package bind updated to 9.3.6-4.P1.el5_4.1
It was discovered that BIND was incorrectly caching responses
without performing proper DNSSEC validation, when those responses
were received during the resolution of a recursive client query
that requested DNSSEC records but indicated that checking should be
disabled. A remote attacker could use this flaw to bypass the DNSSEC
validation check and perform a cache poisoning attack if the target
BIND server was receiving such client queries.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-4022 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not applicable
ESX 4.0 ESX affected, patch pending
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 2.5.5 ESX not affected
vMA 4.0 RHEL5 Patch 3
- hosted products are VMware Workstation, Player, ACE, Server, Fusion.
f. vMA and Service Console package expat updated to 1.95.8-8.3.el5_4.2.
Two buffer over-read flaws were found in the way Expat handled
malformed UTF-8 sequences when processing XML files. A specially-
crafted XML file could cause applications using Expat to fail while
parsing the file.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the names CVE-2009-3560 and CVE-2009-3720 to these
issues.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not applicable
ESX 4.0 ESX affected, patch pending
ESX 3.5 ESX affected, patch pending
ESX 3.0.3 ESX affected, patch pending
ESX 2.5.5 ESX affected, patch pending
vMA 4.0 RHEL5 Patch 3
- hosted products are VMware Workstation, Player, ACE, Server, Fusion.
g. vMA and Service Console package openssh update to 4.3p2-36.el5_4.2
A Red Hat specific patch used in the openssh packages as shipped in
Red Hat Enterprise Linux 5.4 (RHSA-2009:1287) loosened certain
ownership requirements for directories used as arguments for the
ChrootDirectory configuration options. A malicious user that also
has or previously had non-chroot shell access to a system could
possibly use this flaw to escalate their privileges and run
commands as any system user.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-2904 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not applicable
ESX 4.0 ESX affected, patch pending
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 2.5.5 ESX not affected
vMA 4.0 RHEL5 Patch 3
- hosted products are VMware Workstation, Player, ACE, Server, Fusion.
h. vMA and Service Console package ntp updated to ntp-4.2.2p1-9.el5_4.1.i386.rpm
A flaw was discovered in the way ntpd handled certain malformed NTP
packets. ntpd logged information about all such packets and replied
with an NTP packet that was treated as malformed when received by
another ntpd.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the name CVE-2009-3563 to this issue.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not applicable
ESX 4.0 ESX affected, patch pending
ESX 3.5 ESX affected, patch pending
ESX 3.0.3 ESX affected, patch pending
ESX 2.5.5 ESX affected, patch pending
vMA 4.0 RHEL5 Patch 3
- hosted products are VMware Workstation, Player, ACE, Server, Fusion.
i. vMA update for package kernel to 2.6.18-164.9.1.el5
Updated vMA package kernel addresses the security issues listed
below.
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the name CVE-2009-2849 to the security issue fixed in
kernel 2.6.18-128.2.1
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-2695, CVE-2009-2908, CVE-2009-3228,
CVE-2009-3286, CVE-2009-3547, CVE-2009-3613 to the security issues
fixed in kernel 2.6.18-128.6.1
The Common Vulnerabilities and Exposures project (cve.mitre.org)
has assigned the names CVE-2009-3612, CVE-2009-3620, CVE-2009-3621,
CVE-2009-3726 to the security issues fixed in kernel
2.6.18-128.9.1
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.0 ESX affected, patch pending
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 2.5.5 ESX not affected
vMA 4.0 RHEL5 Patch 3 **
- hosted products are VMware Workstation, Player, ACE, Fusion.
** vMA is updated to kernel version 2.6.18-164.9.1
j. vMA 4.0 updates for the packages kpartx, libvolume-id, device-mapper-multipath, fipscheck, dbus, dbus-libs, and ed
kpartx updated to 0.4.7-23.el5_3.4, libvolume-id updated to
095-14.20.el5 device-mapper-multipath package updated to
0.4.7-23.el5_3.4, fipscheck updated to 1.0.3-1.el5, dbus
updated to 1.1.2-12.el5, dbus-libs updated to 1.1.2-12.el5,
and ed package updated to 0.2-39.el5_2.
The Common Vulnerabilities and Exposures Project (cve.mitre.org)
has assigned the names CVE-2008-3916, CVE-2009-1189 and
CVE-2009-0115 to these issues.
The following table lists what action remediates the vulnerability
(column 4) if a solution is available.
VMware Product Running Replace with/
Product Version on Apply Patch
============= ======== ======= =================
VirtualCenter any Windows not affected
hosted * any any not affected
ESXi any ESXi not affected
ESX 4.0 ESX not affected
ESX 3.5 ESX not affected
ESX 3.0.3 ESX not affected
ESX 3.0.2 ESX not affected
ESX 2.5.5 ESX not affected
vMA 4.0 RHEL5 Patch 3
-
hosted products are VMware Workstation, Player, ACE, Server, Fusion.
-
Solution
Please review the patch/release notes for your product and version and verify the md5sum of your downloaded file.
ESX 4.0
https://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732 240/ESX400-201002001.zip md5sum: de62cbccaffa4b2b6831617f18c1ccb4 sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab http://kb.vmware.com/kb/1018403
Note: ESX400-201002001 contains the following security bulletins ESX400-201002404-SG, ESX400-201002407-SG, and ESX400-201002406-SG.
To install an individual bulletin use esxupdate with the -b option. esxupdate --bundle ESX400-201002001.zip -b ESX400-201002404-SG \ -b ESX400-201002407-SG -b ESX400-201002406-SG update
vMA 4.0
To update VIMA 1 Log in to VIMA as vi-admin. 2 type 'sudo /usr/sbin/vima-update update' this will apply all currently available updates. See http://tinyurl.com/yfekgrx for more information.
- References
CVE numbers http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2905 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4552 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4316 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1387 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2904 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2695 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2849 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2695 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2908 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3228 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3286 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3613 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3612 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3620 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3621 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3726 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3916 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1189 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0115
- Change log
2010-03-03 VMSA-2010-0004 Initial security advisory after release of bulletins for ESX 4.0 on 2010-03-03 and release of vMA Patch 3 on 2010-02-25.
- Contact
E-mail list for product security notifications and announcements: http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce
This Security Advisory is posted to the following lists:
- security-announce at lists.vmware.com
- bugtraq at securityfocus.com
- full-disclosure at lists.grok.org.uk
E-mail: security at vmware.com PGP key at: http://kb.vmware.com/kb/1055
VMware Security Center http://www.vmware.com/security
VMware security response policy http://www.vmware.com/support/policies/security_response.html
General support life cycle policy http://www.vmware.com/support/policies/eos.html
VMware Infrastructure support life cycle policy http://www.vmware.com/support/policies/eos_vi.html
Copyright 2010 VMware Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: PGP Desktop 9.8.3 (Build 4028) Charset: utf-8
wj8DBQFLj1c6S2KysvBH1xkRAnl5AJ9RcHVB7qooSwOPFdVoDFTjohDypgCfZ44O 2z0ICIcntM88ZONMfDNUM6Y= =14fN -----END PGP SIGNATURE----- .
For the oldstable distribution (etch), this problem has been fixed in version 1:4.2.2.p4+dfsg-2etch4.
For the stable distribution (lenny), this problem has been fixed in version 1:4.2.4p4+dfsg-8lenny3.
For the testing (squeeze) and unstable (sid) distribution, this problem will be fixed soon.
We recommend that you upgrade your ntp packages.
Upgrade instructions
wget url will fetch the file for you dpkg -i file.deb will install the referenced file.
If you are using the apt-get package manager, use the line for sources.list as given below:
apt-get update will update the internal database apt-get upgrade will install corrected packages
You may use an automated update by adding the resources from the footer to the proper configuration.
Debian GNU/Linux 4.0 alias etch
Debian (oldstable)
Oldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4.dsc Size/MD5 checksum: 906 115e93f010e32aa1c90231461487503a http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg.orig.tar.gz Size/MD5 checksum: 2199764 ad746cda2d90dbb9ed06fe164273c5d0 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4.diff.gz Size/MD5 checksum: 182632 80aa236bd0a39096c5e5d462c0b9b279
Architecture independent packages:
http://security.debian.org/pool/updates/main/n/ntp/ntp-refclock_4.2.2.p4+dfsg-2etch4_all.deb Size/MD5 checksum: 28596 df605f89c08a01116c2ff799777f6a2c http://security.debian.org/pool/updates/main/n/ntp/ntp-simple_4.2.2.p4+dfsg-2etch4_all.deb Size/MD5 checksum: 28594 0c683ac7e7f5b131515f956aed87de3d http://security.debian.org/pool/updates/main/n/ntp/ntp-doc_4.2.2.p4+dfsg-2etch4_all.deb Size/MD5 checksum: 912886 1af5a623cbf5f145f34dab7beefcd183
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_alpha.deb Size/MD5 checksum: 408070 ca33235c58a26ad1a839084b4f2d385c http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_alpha.deb Size/MD5 checksum: 65056 e527eb4c93d427c025374805fb5288cb
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_amd64.deb Size/MD5 checksum: 62258 13a4f4faaf699913e421c093e598f2a9 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_amd64.deb Size/MD5 checksum: 359384 1a289aa1f8439e2ef736cbf29bbe140f
arm architecture (ARM)
http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_arm.deb Size/MD5 checksum: 59784 8a84cae4e8f643cbd3ed684e5a7eb0ff http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_arm.deb Size/MD5 checksum: 344316 57066e8abfdf51c36d63600c993f3c20
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_hppa.deb Size/MD5 checksum: 372448 0b8f9b90bb03a2f572066fe8b47c7202 http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_hppa.deb Size/MD5 checksum: 62160 88dc964fa357187ddc97d37513a863ba
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_i386.deb Size/MD5 checksum: 58316 90fc92e7a8f6582ee21076849ae0dfba http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_i386.deb Size/MD5 checksum: 333772 e5fbae24686d444fff118f3ce9cc45db
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_ia64.deb Size/MD5 checksum: 523358 0032e3c9bcb4a27a312a47fb95d1f9a1 http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_ia64.deb Size/MD5 checksum: 74712 72c1b601f4beb41c6c04a54534ba9c51
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_mips.deb Size/MD5 checksum: 382868 2980d63a9ca6344e6a76698d0e808f8c http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_mips.deb Size/MD5 checksum: 63610 d523930b9b98d6353bf4e6fb7d7e57f5
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_mipsel.deb Size/MD5 checksum: 64134 e4042de5af081701911a7cece69c6cce http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_mipsel.deb Size/MD5 checksum: 390142 b50dc2bd5970f224b6994c460f8f560a
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_powerpc.deb Size/MD5 checksum: 358860 432b58ad621ac266455f7e5124d2eb1c http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_powerpc.deb Size/MD5 checksum: 61760 2c9dd1b3a8d61bece4f420e533b7a6eb
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_s390.deb Size/MD5 checksum: 350300 40a28748d5016101c179bd4a22c08390 http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_s390.deb Size/MD5 checksum: 61242 14c08344bfd0561ced0d54aa2cd23a2e
sparc architecture (Sun SPARC/UltraSPARC)
http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_sparc.deb Size/MD5 checksum: 58584 0e573ef22b1514b12e01fa6ac2bb1ddb http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_sparc.deb Size/MD5 checksum: 332284 4589ff44bc97ad73513d8ba5419c7845
Debian GNU/Linux 5.0 alias lenny
Debian (stable)
Stable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc.
Source archives:
http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3.dsc Size/MD5 checksum: 1459 81e70fe84f27e3bfabdbfb9f3122492b http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg.orig.tar.gz Size/MD5 checksum: 2835029 dc2b3ac9cc04b0f29df35467514c9884 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3.diff.gz Size/MD5 checksum: 300928 b568f39eda3e46f27239ad44021f968c
Architecture independent packages:
http://security.debian.org/pool/updates/main/n/ntp/ntp-doc_4.2.4p4+dfsg-8lenny3_all.deb Size/MD5 checksum: 927658 8db03976b7b105057ead2da4bae09219
alpha architecture (DEC Alpha)
http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_alpha.deb Size/MD5 checksum: 66706 9213dcba9a99fa363f0ce48c514a008b http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_alpha.deb Size/MD5 checksum: 538492 de37b288ef933f34446ab78a8d8ed76b
amd64 architecture (AMD x86_64 (AMD64))
http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_amd64.deb Size/MD5 checksum: 63836 a0b5b030abe6a6c32591366febcec1d1 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_amd64.deb Size/MD5 checksum: 479472 277efe45a76a24da6ca14ae581d0a3a2
arm architecture (ARM)
http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_arm.deb Size/MD5 checksum: 61220 d4905eea52795330e517acca903059f4 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_arm.deb Size/MD5 checksum: 448164 cc28e545eb359eba225abfcb02cc4377
armel architecture (ARM EABI)
http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_armel.deb Size/MD5 checksum: 62794 e5a43b8076a77643cc742348f0e63de1 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_armel.deb Size/MD5 checksum: 458908 3721b8d7b7a67b31db6249521dd9f015
hppa architecture (HP PA RISC)
http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_hppa.deb Size/MD5 checksum: 63872 53a7009f1888c06b162c258a9bb5d6fb http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_hppa.deb Size/MD5 checksum: 485744 b8e950ba02a13ecacfe332db56c0c887
i386 architecture (Intel ia32)
http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_i386.deb Size/MD5 checksum: 434672 6ccfb060f39cc56f39ef8806865b767d http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_i386.deb Size/MD5 checksum: 60114 2f0914ae2191ddf3f74529bc896299da
ia64 architecture (Intel ia64)
http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_ia64.deb Size/MD5 checksum: 707812 eb960c732894d56589ba62d76c5ba568 http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_ia64.deb Size/MD5 checksum: 76366 6b5b986e454276661e8b483f095bd16e
mips architecture (MIPS (Big Endian))
http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_mips.deb Size/MD5 checksum: 64116 ab287c70d2c2daf7b1a8808db8dcedc9 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_mips.deb Size/MD5 checksum: 490394 0009cb5333123767dc3afcde682d9e10
mipsel architecture (MIPS (Little Endian))
http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_mipsel.deb Size/MD5 checksum: 500786 3b842b738e616f301c31cd025c595235 http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_mipsel.deb Size/MD5 checksum: 64776 fd31cdaa7a78d7e3fa072b746dd98e01
powerpc architecture (PowerPC)
http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_powerpc.deb Size/MD5 checksum: 490620 21d03b435c327c2884fe587a56fe10fb http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_powerpc.deb Size/MD5 checksum: 65470 6966f71002ae63c104e608af1a7daa3a
s390 architecture (IBM S/390)
http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_s390.deb Size/MD5 checksum: 63678 4b143ad2444681bdb1ee44d395996a29 http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_s390.deb Size/MD5 checksum: 474000 6fb44a33381b0d582599eb33896d8f0f
These files will probably be moved into the stable distribution on its next update.
Product/Patch kit ITRC Download Location MD5 and SHA1 Checksum
HP Tru64 UNIX v 5.1B-4 PK6 (BL27) T64KIT1001787-V51BB27-ES-20100817 http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001787-V51BB27-ES-20100817 MD5 results: 2b3a21a96b7855d9ca223f483bd5bfed SHA1 results: ac2221c9d025008b258ac8592a210e16e775fbcf
HP Tru64 UNIX v 5.1B-5 PK7 (BL28) T64KIT1001786-V51BB28-ES-20100816 http://www13.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001786-V51BB28-ES-20100816 MD5 results: b34d028797577408d565da27d93c30a9 SHA1 results: b34d028797577408d565da27d93c30a9
Note: The patch kit installation instructions and the Patch Summary and Release Notes documents provide patch kit installation and removal instructions and a summary of each patch. Please read these documents prior to installing patches. HP TCP/IP Services for OpenVMS v5.4, v5.5, v5.6, and v5.7 (only affected by CVE-2009-3563) on Itanium and Alpha platforms. Patch kit installation instructions are provided in the file readme.txt . ESXi userworld update for ntp
The Network Time Protocol (NTP) is used to synchronize the time of
a computer client or server to another server or reference time
source.
A vulnerability was discovered which may allow remote attackers to
spoof certificates by using MD2 design flaws to generate a hash
collision in less than brute-force time. NOTE: the scope of this
issue is currently limited because the amount of computation
required is still large.
This update also includes security fixes that were first addressed
in version openssl-0.9.8e-12.el5.i386.rpm.
Kerberos is a network authentication protocol. It is designed to
provide strong authentication for client/server applications by
using secret-key cryptography. This update fixes a flaw found in pam_krb5. In
some non-default configurations (specifically, where pam_krb5 would
be the first module to prompt for a password), a remote attacker
could use this flaw to recognize valid usernames, which would aid a
dictionary-based password guess attack. Service Console package bind updated to 9.3.6-4.P1.el5_4.2
BIND (Berkeley Internet Name Daemon) is by far the most widely used
Domain Name System (DNS) software on the Internet.
A vulnerability was discovered which could allow remote attacker to
add the Authenticated Data (AD) flag to a forged NXDOMAIN response
for an existing domain.
A vulnerability was found in the way that bind handles out-of-
bailiwick data accompanying a secure response without re-fetching
from the original source, which could allow remote attackers to
have an unspecified impact via a crafted response.
NOTE: ESX does not use the BIND name service daemon by default. Service Console package gcc updated to 3.2.3-60
The GNU Compiler Collection includes front ends for C, C++,
Objective-C, Fortran, Java, and Ada, as well as libraries for these
languages
GNU Libtool's ltdl.c attempts to open .la library files in the
current working directory. This could allow a local user to gain
privileges via a Trojan horse file. The GNU C Compiler collection
(gcc) provided in ESX contains a statically linked version of the
vulnerable code, and is being replaced. Service Console package sudo updated to 1.6.9p17-6.el5_4
Sudo (su "do") allows a system administrator to delegate authority
to give certain users (or groups of users) the ability to run some
(or all) commands as root or another user while providing an audit
trail of the commands and their arguments.
When a pseudo-command is enabled, sudo permits a match between the
name of the pseudo-command and the name of an executable file in an
arbitrary directory, which allows local users to gain privileges
via a crafted executable file.
When the runas_default option is used, sudo does not properly set
group memberships, which allows local users to gain privileges via
a sudo command.
Corrected: 2010-01-06 21:45:30 UTC (RELENG_8, 8.0-STABLE) 2010-01-06 21:45:30 UTC (RELENG_8_0, 8.0-RELEASE-p2) 2010-01-06 21:45:30 UTC (RELENG_7, 7.2-STABLE) 2010-01-06 21:45:30 UTC (RELENG_7_2, 7.2-RELEASE-p6) 2010-01-06 21:45:30 UTC (RELENG_7_1, 7.1-RELEASE-p10) 2010-01-06 21:45:30 UTC (RELENG_6, 6.4-STABLE) 2010-01-06 21:45:30 UTC (RELENG_6_4, 6.4-RELEASE-p9) 2010-01-06 21:45:30 UTC (RELENG_6_3, 6.3-RELEASE-p15) CVE Name: CVE-2009-3563
For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit .
II.
III.
IV. Workaround
Proper filtering of mode 7 NTP packets by a firewall can limit the number of systems used to attack your resources. Solution
Perform one of the following:
1) Upgrade your vulnerable system to 6-STABLE, 7-STABLE or 8-STABLE, or to the RELENG_8_0, RELENG_7_2, RELENG_7_1, RELENG_6_4, or RELENG_6_3 security branch dated after the correction date.
2) To patch your present system:
The following patches have been verified to apply to FreeBSD 6.3, 6.4, 7.1, 7.2, and 8.0 systems.
a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility.
fetch http://security.FreeBSD.org/patches/SA-10:02/ntpd.patch
fetch http://security.FreeBSD.org/patches/SA-10:02/ntpd.patch.asc
b) Execute the following commands as root:
cd /usr/src
patch < /path/to/patch
cd /usr/src/usr.sbin/ntp/ntpd
make obj && make depend && make && make install
/etc/rc.d/ntpd restart
VI. Correction details
The following list contains the revision numbers of each file that was corrected in FreeBSD.
CVS:
Branch Revision Path
RELENG_6 src/contrib/ntp/ntpd/ntp_request.c 1.1.1.4.8.2 RELENG_6_4 src/UPDATING 1.416.2.40.2.13 src/sys/conf/newvers.sh 1.69.2.18.2.15 src/contrib/ntp/ntpd/ntp_request.c 1.1.1.4.8.1.2.1 RELENG_6_3 src/UPDATING 1.416.2.37.2.20 src/sys/conf/newvers.sh 1.69.2.15.2.19 src/contrib/ntp/ntpd/ntp_request.c 1.1.1.4.20.1 RELENG_7 src/contrib/ntp/ntpd/ntp_request.c 1.1.1.4.18.2 RELENG_7_2 src/UPDATING 1.507.2.23.2.9 src/sys/conf/newvers.sh 1.72.2.11.2.10 src/contrib/ntp/ntpd/ntp_request.c 1.1.1.4.18.1.4.1 RELENG_7_1 src/UPDATING 1.507.2.13.2.13 src/sys/conf/newvers.sh 1.72.2.9.2.14 src/contrib/ntp/ntpd/ntp_request.c 1.1.1.4.18.1.2.1 RELENG_8 src/contrib/ntp/ntpd/ntp_request.c 1.2.2.1 RELENG_8_0 src/UPDATING 1.632.2.7.2.5 src/sys/conf/newvers.sh 1.83.2.6.2.5 src/contrib/ntp/ntpd/ntp_request.c 1.2.4.1
Subversion:
Branch/path Revision
stable/6/ r201679 releng/6.4/ r201679 releng/6.3/ r201679 stable/7/ r201679 releng/7.2/ r201679 releng/7.1/ r201679 stable/8/ r201679 releng/8.0/ r201679 head/ r200576
VII. The upgrade is available by downloading from software.hp.com -> HPUX 11i Software -> Internet ready and networking -> HP-UX Network Time Protocol version 4 or directly from https://h20392.www2.hp.com/portal/swdepot/displayP roductInfo.do?productNumber=HPUX-NTP Please review the Installation link at the bottom of the page. For other issues about the content of this Security Bulletin, send e-mail to security-alert@hp.com.
Release Date: 2011-03-28 Last Updated: 2011-03-24
Potential Security Impact: Remote Denial of Service (DoS)
Source: Hewlett-Packard Company, HP Software Security Response Team
VULNERABILITY SUMMARY A potential security vulnerability has been identified with HP-UX running XNTP. The vulnerability could be exploited remotely create a Denial of Service (DoS).
References: CVE-2009-3563
SUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. HP-UX B.11.11, B.11.23, B.11.31 running XNTP.
BACKGROUND
CVSS 2.0 Base Metrics
Reference Base Vector Base Score CVE-2009-3563 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4 =========================================================== Information on CVSS is documented in HP Customer Notice: HPSN-2008-002
RESOLUTION
HP has provided the following patches to resolve this vulnerability. The patches are available by contacting HP Support.
http://itrc.hp.com
HP-UX Release / Patch ID
B.11.11 (11i v1) / PHNE_41907
B.11.23 (11i v2) / PHNE_41908
B.11.31 (11i v3) / PHNE_41177
MANUAL ACTIONS: No
PRODUCT SPECIFIC INFORMATION
HP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa
The following text is for use by the HP-UX Software Assistant.
AFFECTED VERSIONS
HP-UX B.11.11
InternetSrvcs.INETSVCS-BOOT action: install patch PHNE_41907 or subsequent
HP-UX B.11.23
InternetSrvcs.INETSVCS2-BOOT action: install patch PHNE_41908 or subsequent
HP-UX B.11.31
NTP.NTP-RUN action: install patch PHNE_41177 or subsequent
END AFFECTED VERSIONS
HISTORY Version:1 (rev.1) 28 March 2011 Initial release
Third Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer's patch management policy.
Support: For further information, contact normal HP Services support channel.
Report: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com It is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. To get the security-alert PGP key, please send an e-mail message as follows: To: security-alert@hp.com Subject: get key Subscribe: To initiate a subscription to receive future HP Security Bulletins via Email: http://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA&langcode=USENG&jumpid=in_SC-GEN__driverITRC&topiccode=ITRC On the web page: ITRC security bulletins and patch sign-up Under Step1: your ITRC security bulletins and patches -check ALL categories for which alerts are required and continue. Under Step2: your ITRC operating systems -verify your operating system selections are checked and save.
To update an existing subscription: http://h30046.www3.hp.com/subSignIn.php Log in on the web page: Subscriber's choice for Business: sign-in. On the web page: Subscriber's Choice: your profile summary - use Edit Profile to update appropriate sections.
To review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do
- The Software Product Category that this Security Bulletin relates to is represented by the 5th and 6th characters of the Bulletin number in the title:
GN = HP General SW MA = HP Management Agents MI = Misc. 3rd Party SW MP = HP MPE/iX NS = HP NonStop Servers OV = HP OpenVMS PI = HP Printing & Imaging ST = HP Storage SW TL = HP Trusted Linux TU = HP Tru64 UNIX UX = HP-UX VV = HP VirtualVault
System management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions.
"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user's use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement."
Copyright 2009 Hewlett-Packard Development Company, L.P. Hewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided "as is" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners
Show details on source website{
"affected_products": {
"_id": null,
"data": [
{
"_id": null,
"model": "unified communications manager 5.1",
"scope": null,
"trust": 2.1,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.9,
"vendor": "ntp",
"version": "4.1.2"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.6,
"vendor": "ntp",
"version": "4.2.2p2"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.6,
"vendor": "ntp",
"version": "4.0.91"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.6,
"vendor": "ntp",
"version": "4.2.2p3"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.6,
"vendor": "ntp",
"version": "4.0.93"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.6,
"vendor": "ntp",
"version": "4.2.2p1"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.6,
"vendor": "ntp",
"version": "4.0.73"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.6,
"vendor": "ntp",
"version": "4.0.92"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.6,
"vendor": "ntp",
"version": "4.0.90"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.6,
"vendor": "ntp",
"version": "4.0.94"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.0.96"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.0.98"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.0.97"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.2.5"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.2.2"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.1.0"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.2.0"
},
{
"_id": null,
"model": "ntp",
"scope": "lte",
"trust": 1.0,
"vendor": "ntp",
"version": "4.2.2p4"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.0.99"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.0.72"
},
{
"_id": null,
"model": "ntp",
"scope": "eq",
"trust": 1.0,
"vendor": "ntp",
"version": "4.0.95"
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "apple",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "debian gnu linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "gentoo linux",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "meinberg funkuhren",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "qnx",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "red hat",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "sun microsystems",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "the sco group",
"version": null
},
{
"_id": null,
"model": null,
"scope": null,
"trust": 0.8,
"vendor": "ubuntu",
"version": null
},
{
"_id": null,
"model": "sparc",
"scope": null,
"trust": 0.8,
"vendor": "\u30aa\u30e9\u30af\u30eb",
"version": null
},
{
"_id": null,
"model": "sun solaris",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": null,
"trust": 0.8,
"vendor": "ibm",
"version": null
},
{
"_id": null,
"model": "asianux server",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30a4\u30d0\u30fc\u30c8\u30e9\u30b9\u30c8\u682a\u5f0f\u4f1a\u793e",
"version": null
},
{
"_id": null,
"model": "red hat enterprise linux",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"_id": null,
"model": "securebranch",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u672c\u96fb\u6c17",
"version": null
},
{
"_id": null,
"model": "ntp",
"scope": null,
"trust": 0.8,
"vendor": "ntp",
"version": null
},
{
"_id": null,
"model": "hp tru64 unix",
"scope": null,
"trust": 0.8,
"vendor": "\u30d2\u30e5\u30fc\u30ec\u30c3\u30c8 \u30d1\u30c3\u30ab\u30fc\u30c9",
"version": null
},
{
"_id": null,
"model": "netshelter\u30b7\u30ea\u30fc\u30ba",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"_id": null,
"model": "ip8800/s,/r",
"scope": null,
"trust": 0.8,
"vendor": "\u65e5\u672c\u96fb\u6c17",
"version": null
},
{
"_id": null,
"model": "ipcom\u30b7\u30ea\u30fc\u30ba",
"scope": null,
"trust": 0.8,
"vendor": "\u5bcc\u58eb\u901a",
"version": null
},
{
"_id": null,
"model": "netra sparc",
"scope": null,
"trust": 0.8,
"vendor": "\u30aa\u30e9\u30af\u30eb",
"version": null
},
{
"_id": null,
"model": "red hat enterprise linux desktop",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"_id": null,
"model": "hp-ux",
"scope": null,
"trust": 0.8,
"vendor": "\u30d2\u30e5\u30fc\u30ec\u30c3\u30c8 \u30d1\u30c3\u30ab\u30fc\u30c9",
"version": null
},
{
"_id": null,
"model": "red hat enterprise linux eus",
"scope": null,
"trust": 0.8,
"vendor": "\u30ec\u30c3\u30c9\u30cf\u30c3\u30c8",
"version": null
},
{
"_id": null,
"model": "opensolaris",
"scope": null,
"trust": 0.8,
"vendor": "\u30b5\u30f3 \u30de\u30a4\u30af\u30ed\u30b7\u30b9\u30c6\u30e0\u30ba",
"version": null
},
{
"_id": null,
"model": "unified communications manager su1",
"scope": "eq",
"trust": 0.6,
"vendor": "cisco",
"version": "6.1"
},
{
"_id": null,
"model": "unified callmanager 4.3 sr1a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 131",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "unified meetingplace express",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "opensolaris build snv 95",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "-release-p2",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.1"
},
{
"_id": null,
"model": "opensolaris build snv 54",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 93",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "tcp/ip services for openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.4"
},
{
"_id": null,
"model": "networks enterprise voip tm-cs1000",
"scope": null,
"trust": 0.3,
"vendor": "nortel",
"version": null
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1.1"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "4.0"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.3"
},
{
"_id": null,
"model": "rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "qnx",
"version": "6.1"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.3"
},
{
"_id": null,
"model": "ace appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "opensolaris build snv 121",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.5"
},
{
"_id": null,
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.7"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.5"
},
{
"_id": null,
"model": "opensolaris build snv 99",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "15.0"
},
{
"_id": null,
"model": "rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "qnx",
"version": "6.3.2"
},
{
"_id": null,
"model": "unified callmanager 4.1 sr5",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "4.0.2"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.7"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2.2"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.6.1"
},
{
"_id": null,
"model": "solaris 8 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.3"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "unified callmanager 3.3 sr2a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "aura system platform",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "6.0"
},
{
"_id": null,
"model": "opensolaris build snv 100",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 124",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 123",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0"
},
{
"_id": null,
"model": "big-ip build",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.2413.1"
},
{
"_id": null,
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "opensolaris build snv 49",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "-release-p5",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.17"
},
{
"_id": null,
"model": "opensolaris build snv 114",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.1"
},
{
"_id": null,
"model": "opensolaris build snv 128",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 85",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 19",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "70000"
},
{
"_id": null,
"model": "opensolaris build snv 107",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "wireless location appliance",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "opensolaris build snv 45",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "-prerelease",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"_id": null,
"model": "unified communications",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5000"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "meeting exchange sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "14.1"
},
{
"_id": null,
"model": "vma",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "opensolaris build snv 78",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "opensolaris build snv 108",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "rtos",
"scope": "ne",
"trust": 0.3,
"vendor": "qnx",
"version": "6.4.2"
},
{
"_id": null,
"model": "opensolaris build snv 28",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.8"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.2"
},
{
"_id": null,
"model": "unified callmanager sr5c",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.3"
},
{
"_id": null,
"model": "unified callmanager 3.3 sr2b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 89",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "6.3-release-p10",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "1.0"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.6"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0"
},
{
"_id": null,
"model": "opensolaris build snv 39",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "message networking mn",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "-release-p8",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"_id": null,
"model": "p1",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.2"
},
{
"_id": null,
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "14.0"
},
{
"_id": null,
"model": "opensolaris build snv 90",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 68",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "unified communications manager 7.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3"
},
{
"_id": null,
"model": "tcp/ip services for openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.5"
},
{
"_id": null,
"model": "6.3-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 67",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 120",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 51",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "7.2-rc2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.6"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1(3)"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0(1)"
},
{
"_id": null,
"model": "7.0-release-p12",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "unified callmanager 4.1 sr8a",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.1"
},
{
"_id": null,
"model": "unified callmanager 4.3 sr1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "aura system platform sp1.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"_id": null,
"model": "rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "qnx",
"version": "6.2.1"
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"_id": null,
"model": "opensolaris build snv 77",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 61",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "7.1-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "opensolaris build snv 82",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "7.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 29",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "meeting exchange sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "opensolaris build snv 41",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.5"
},
{
"_id": null,
"model": "ace xml gateway",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "multi network firewall",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "2.0"
},
{
"_id": null,
"model": "unified callmanager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0"
},
{
"_id": null,
"model": "opensolaris build snv 126",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "7.2-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "esxi server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "3.5"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "5.0.1"
},
{
"_id": null,
"model": "7.1-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "7.0-release-p8",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "voice portal sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "opensolaris build snv 35",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "tcp/ip services for openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.6"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.0(2)"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.2"
},
{
"_id": null,
"model": "unified callmanager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(4)"
},
{
"_id": null,
"model": "ctpos 6.6r2",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "intuity audix lx sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "enterprise linux desktop version",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "mds",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "95000"
},
{
"_id": null,
"model": "unified callmanager 3.3 sr3",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "tcp/ip services for openvms i64",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.5"
},
{
"_id": null,
"model": "unified callmanager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "opensolaris build snv 130",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "7.1-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux desktop client",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "opensolaris build snv 105",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "unified communications manager 6.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "-pre-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.1"
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.19"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "messaging storage server",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "unified callmanager 4.1 sr4",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1(2)"
},
{
"_id": null,
"model": "opensolaris build snv 88",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "8.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "unified communications manager 7.1 su1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "sparc t3-1b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "0"
},
{
"_id": null,
"model": "unified callmanager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.0"
},
{
"_id": null,
"model": "unified callmanager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "0"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "5.0"
},
{
"_id": null,
"model": "unified callmanager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(3)"
},
{
"_id": null,
"model": "cms server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "16.0"
},
{
"_id": null,
"model": "opensolaris build snv 111",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux lts i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.2"
},
{
"_id": null,
"model": "opensolaris build snv 118",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"_id": null,
"model": "opensolaris build snv 59",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "7.2-prerelease",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "8.1"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.18"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.1"
},
{
"_id": null,
"model": "opensolaris build snv 112",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "corporate server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "sparc t3-2",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "4.0"
},
{
"_id": null,
"model": "7.2-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.0"
},
{
"_id": null,
"model": "solaris 8 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(3)"
},
{
"_id": null,
"model": "p8",
"scope": "ne",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.4"
},
{
"_id": null,
"model": "solaris 10 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 96",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "qnx",
"version": "6.4"
},
{
"_id": null,
"model": "tcp/ip services for openvms alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.7"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "-release-p9",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"_id": null,
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "1"
},
{
"_id": null,
"model": "netra sparc t3-1b",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "0"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(4)"
},
{
"_id": null,
"model": "linux alpha",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "-release-p3",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.4"
},
{
"_id": null,
"model": "linux enterprise server sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "opensolaris build snv 132",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "qnx",
"version": "6.3"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "opensolaris build snv 36",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "opensolaris build snv 48",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2.1"
},
{
"_id": null,
"model": "linux enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "9"
},
{
"_id": null,
"model": "-release-p1",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.1"
},
{
"_id": null,
"model": "tcp/ip services for openvms i64",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.4"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.3"
},
{
"_id": null,
"model": "opensolaris build snv 94",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "unified communications manager 4.3 sr1b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "esx server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "unified callmanager 4.1 sr7",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "-release-p6",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"_id": null,
"model": "opensolaris build snv 50",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "rtos update patch a",
"scope": "eq",
"trust": 0.3,
"vendor": "qnx",
"version": "6.2"
},
{
"_id": null,
"model": "unified callmanager 4.2 sr4b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "8.0-stable",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1"
},
{
"_id": null,
"model": "7.1-release-p6",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.1"
},
{
"_id": null,
"model": "-release-p9",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"_id": null,
"model": "corporate server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "3.0"
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "wide area application services 4.1.1b",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "unified communications manager sr4",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "enterprise server x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "10.0"
},
{
"_id": null,
"model": "aura communication manager",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.6"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1.4"
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.1"
},
{
"_id": null,
"model": "p4",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.4"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.9"
},
{
"_id": null,
"model": "opensolaris build snv 01",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "message networking",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "opensolaris build snv 92",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux x86 64 -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"_id": null,
"model": "linux ia-64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.1.1"
},
{
"_id": null,
"model": "rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "qnx",
"version": "4.25"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.2"
},
{
"_id": null,
"model": "opensolaris build snv 83",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.1"
},
{
"_id": null,
"model": "opensolaris build snv 106",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "6.4-release-p2",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 125",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "7.0-release-p3",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "-stable",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.4"
},
{
"_id": null,
"model": "telepresence readiness assessment manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "1.0"
},
{
"_id": null,
"model": "netbsd",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "4.0.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "9.0"
},
{
"_id": null,
"model": "enterprise server",
"scope": "eq",
"trust": 0.3,
"vendor": "mandrakesoft",
"version": "5"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.9"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0.2"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.3.1"
},
{
"_id": null,
"model": "idp 5.1r4",
"scope": "ne",
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "messaging storage server",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "pardus",
"version": "20080"
},
{
"_id": null,
"model": "enterprise linux es",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "meeting exchange",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "6.4-release-p4",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 76",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1(2)"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.4"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3"
},
{
"_id": null,
"model": "proactive contact",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "7.0-release",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 101a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"_id": null,
"model": "opensolaris build snv 111a",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 87",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2010.0"
},
{
"_id": null,
"model": "opensolaris build snv 113",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux mandrake",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2009.0"
},
{
"_id": null,
"model": "opensolaris build snv 57",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "-releng",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"_id": null,
"model": "unified communication manager business edition",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0.4"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0.x"
},
{
"_id": null,
"model": "meetingplace",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "appliance platform linux service",
"scope": "eq",
"trust": 0.3,
"vendor": "rpath",
"version": "2"
},
{
"_id": null,
"model": "opensolaris build snv 119",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.13"
},
{
"_id": null,
"model": "linux lts sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.1"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.2"
},
{
"_id": null,
"model": "opensolaris build snv 110",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "unified communications manager 4.2 sr2",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 71",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.1"
},
{
"_id": null,
"model": "linux lts lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.8"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "sparc t3-4",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "0"
},
{
"_id": null,
"model": "rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "qnx",
"version": "6.4.1"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.3(2)"
},
{
"_id": null,
"model": "unified communications manager 4.3 sr1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "telepresence recording server",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "unified callmanager 5.0",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "enterprise linux as",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "4"
},
{
"_id": null,
"model": "unified callmanager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1"
},
{
"_id": null,
"model": "unified callmanager 5.0 su1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "unified callmanager 4.1 sr8",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.3"
},
{
"_id": null,
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "opensolaris build snv 122",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "tcp/ip services for openvms i64",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.6"
},
{
"_id": null,
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.6"
},
{
"_id": null,
"model": "hp-ux b.11.31",
"scope": null,
"trust": 0.3,
"vendor": "hp",
"version": null
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "opensolaris build snv 109",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.2.5"
},
{
"_id": null,
"model": "linux hppa",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "digital media player",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "opensolaris build snv 102",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "solaris 9 sparc",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 02",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "unified callmanager sr5b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.1"
},
{
"_id": null,
"model": "6.0-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "linux mipsel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.2.2"
},
{
"_id": null,
"model": "4.2.0.a",
"scope": null,
"trust": 0.3,
"vendor": "ntp",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 80",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "opensolaris build snv 104",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "ip interoperability \u0026 communications system ipics",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "linux i386",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"_id": null,
"model": "netra sparc t3-1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "0"
},
{
"_id": null,
"model": "opensolaris build snv 56",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 38",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "unified communications manager sr2b",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "qnx",
"version": "6.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "12.0"
},
{
"_id": null,
"model": "sparc t3-1",
"scope": "eq",
"trust": 0.3,
"vendor": "sun",
"version": "0"
},
{
"_id": null,
"model": "opensolaris build snv 129",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "rtos sp3",
"scope": "eq",
"trust": 0.3,
"vendor": "qnx",
"version": "6.3.0"
},
{
"_id": null,
"model": "aura application enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "5.2"
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "10.0"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.0"
},
{
"_id": null,
"model": "unified callmanager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(2)"
},
{
"_id": null,
"model": "intuity audix lx r1.1",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "6.06"
},
{
"_id": null,
"model": "beta4",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "7.0"
},
{
"_id": null,
"model": "rtos",
"scope": "eq",
"trust": 0.3,
"vendor": "qnx",
"version": "2.4"
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "7.1"
},
{
"_id": null,
"model": "-release",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.4"
},
{
"_id": null,
"model": "unified callmanager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "3.3"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "6.1.2"
},
{
"_id": null,
"model": "linux lts amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "linux sparc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"_id": null,
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "1.0"
},
{
"_id": null,
"model": "linux lts powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.04"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.2.3.30"
},
{
"_id": null,
"model": "tcp/ip services for openvms i64",
"scope": "eq",
"trust": 0.3,
"vendor": "hp",
"version": "5.7"
},
{
"_id": null,
"model": "7.2-release-p1",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "big-ip application security manager",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.4.4"
},
{
"_id": null,
"model": "opensolaris build snv 84",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "11.0"
},
{
"_id": null,
"model": "intuity audix lx sp1",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "linux enterprise server sp2",
"scope": "eq",
"trust": 0.3,
"vendor": "suse",
"version": "10"
},
{
"_id": null,
"model": "messaging storage server mm3.0",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "ace application control engine",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "47000"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.1"
},
{
"_id": null,
"model": "opensolaris build snv 98",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 117",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 133",
"scope": "ne",
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 58",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "linux -current",
"scope": null,
"trust": 0.3,
"vendor": "slackware",
"version": null
},
{
"_id": null,
"model": "linux ia-32",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "aura sip enablement services",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.0"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.2.3"
},
{
"_id": null,
"model": "opensolaris build snv 86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "nexus",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "50000"
},
{
"_id": null,
"model": "opensolaris build snv 22",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.10"
},
{
"_id": null,
"model": "opensolaris build snv 81",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux",
"scope": "eq",
"trust": 0.3,
"vendor": "slackware",
"version": "13.0"
},
{
"_id": null,
"model": "message networking",
"scope": null,
"trust": 0.3,
"vendor": "avaya",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 103",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "esxi server",
"scope": "eq",
"trust": 0.3,
"vendor": "vmware",
"version": "4.0"
},
{
"_id": null,
"model": "unified callmanager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0"
},
{
"_id": null,
"model": "ctpos 6.6r1",
"scope": null,
"trust": 0.3,
"vendor": "juniper",
"version": null
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.1(1)"
},
{
"_id": null,
"model": "linux powerpc",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "linux",
"scope": null,
"trust": 0.3,
"vendor": "gentoo",
"version": null
},
{
"_id": null,
"model": "7.0-release-p11",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "beta2",
"scope": "eq",
"trust": 0.3,
"vendor": "netbsd",
"version": "4.0"
},
{
"_id": null,
"model": "opensolaris build snv 13",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "unified communications manager 4.3 sr.1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(1)"
},
{
"_id": null,
"model": "unified callmanager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "5.0(1)"
},
{
"_id": null,
"model": "enterprise linux server",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "5"
},
{
"_id": null,
"model": "p4",
"scope": "eq",
"trust": 0.3,
"vendor": "ntp",
"version": "4.2.2"
},
{
"_id": null,
"model": "big-ip",
"scope": "eq",
"trust": 0.3,
"vendor": "f5",
"version": "9.0"
},
{
"_id": null,
"model": "opensolaris build snv 91",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "unified communications manager 7.0 su1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "unified communications manager",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "6.1(2)"
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "4.1"
},
{
"_id": null,
"model": "opensolaris build snv 47",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 64",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux s/390",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "aix",
"scope": "eq",
"trust": 0.3,
"vendor": "ibm",
"version": "5.3.10"
},
{
"_id": null,
"model": "opensolaris build snv 37",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 101",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "unified communications manager sr3",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.2"
},
{
"_id": null,
"model": "opensolaris build snv 115",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "voice portal",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "3.0"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "linux armel",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "4.0"
},
{
"_id": null,
"model": "enterprise linux ws",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3"
},
{
"_id": null,
"model": "solaris 10 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "desktop",
"scope": "eq",
"trust": 0.3,
"vendor": "redhat",
"version": "3.0"
},
{
"_id": null,
"model": "linux lpia",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "8.10"
},
{
"_id": null,
"model": "freebsd",
"scope": "eq",
"trust": 0.3,
"vendor": "freebsd",
"version": "6.3"
},
{
"_id": null,
"model": "linux amd64",
"scope": "eq",
"trust": 0.3,
"vendor": "ubuntu",
"version": "9.04"
},
{
"_id": null,
"model": "linux mandrake x86 64",
"scope": "eq",
"trust": 0.3,
"vendor": "mandriva",
"version": "2008.0"
},
{
"_id": null,
"model": "intuity audix lx",
"scope": "eq",
"trust": 0.3,
"vendor": "avaya",
"version": "2.0"
},
{
"_id": null,
"model": "solaris 9 x86",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "linux mips",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "unified meetingplace",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "0"
},
{
"_id": null,
"model": "wide area application services",
"scope": "eq",
"trust": 0.3,
"vendor": "cisco",
"version": "4.0.7"
},
{
"_id": null,
"model": "opensolaris build snv 116",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "opensolaris build snv 127",
"scope": null,
"trust": 0.3,
"vendor": "sun",
"version": null
},
{
"_id": null,
"model": "idp",
"scope": "eq",
"trust": 0.3,
"vendor": "juniper",
"version": "5.1"
},
{
"_id": null,
"model": "6.4-releng",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
},
{
"_id": null,
"model": "linux m68k",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "unified callmanager 4.2 sr1",
"scope": null,
"trust": 0.3,
"vendor": "cisco",
"version": null
},
{
"_id": null,
"model": "linux arm",
"scope": "eq",
"trust": 0.3,
"vendor": "debian",
"version": "5.0"
},
{
"_id": null,
"model": "6.4-release-p5",
"scope": null,
"trust": 0.3,
"vendor": "freebsd",
"version": null
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#568372"
},
{
"db": "BID",
"id": "37255"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-113"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002446"
},
{
"db": "NVD",
"id": "CVE-2009-3563"
}
]
},
"credits": {
"_id": null,
"data": "Statement Date:\u00a0\u00a0 January 17, 2024",
"sources": [
{
"db": "CERT/CC",
"id": "VU#417980"
}
],
"trust": 0.8
},
"cve": "CVE-2009-3563",
"cvss": {
"_id": null,
"data": [
{
"cvssV2": [
{
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"author": "nvd@nist.gov",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"exploitabilityScore": 10.0,
"id": "CVE-2009-3563",
"impactScore": 4.9,
"integrityImpact": "PARTIAL",
"severity": "MEDIUM",
"trust": 1.9,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
}
],
"cvssV3": [],
"severity": [
{
"author": "nvd@nist.gov",
"id": "CVE-2009-3563",
"trust": 1.0,
"value": "MEDIUM"
},
{
"author": "NVD",
"id": "CVE-2009-3563",
"trust": 0.8,
"value": "Medium"
},
{
"author": "CNNVD",
"id": "CNNVD-200912-113",
"trust": 0.6,
"value": "MEDIUM"
},
{
"author": "VULMON",
"id": "CVE-2009-3563",
"trust": 0.1,
"value": "MEDIUM"
}
]
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-3563"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-113"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002446"
},
{
"db": "NVD",
"id": "CVE-2009-3563"
}
]
},
"description": {
"_id": null,
"data": "ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons. A novel traffic-loop vulnerability has been identified against certain implementations of UDP-based applications protocols. An unauthenticated attacker can use maliciously-crafted packets against a UDP-based vulnerable implementation of application protocols (e.g., DNS, NTP, TFTP) that can lead to Denial-of-Service (DOS) and/or abuse of resources.CVE-2009-3563 Unknown\nCVE-2024-1309 Unknown\nCVE-2024-2169 AffectedCVE-2009-3563 Unknown\nCVE-2024-1309 Unknown\nCVE-2024-2169 Affected. NTP for, mode 7 A vulnerability exists due to packet processing. NTP Then \"restrict ... noquery\" or \"restrict ... ignore\" There are no restrictions due to the settings of IP From the address, an invalid mode 7 request or mode 7 If you receive an error response, mode 7 Returns and logs the error message. NTP The sender address was spoofed. mode 7 A vulnerability exists due to packet processing.Service operation obstruction by a remote third party (DoS) You may be attacked. NTP is prone to a remote denial-of-service vulnerability because it fails to properly handle certain incoming network packets. \nAn attacker can exploit this issue to cause the application to consume excessive CPU resources and fill disk space with log messages. \n _______________________________________________________________________\n\n References:\n\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563\n _______________________________________________________________________\n\n Updated Packages:\n\n Mandriva Linux 2008.0:\n 7377623e9f89c5f6f6cc7af577974458 2008.0/i586/ntp-4.2.4-10.3mdv2008.0.i586.rpm\n 977fdaf289c9eff53fb6d563b8a60ede 2008.0/i586/ntp-client-4.2.4-10.3mdv2008.0.i586.rpm\n e2701dc192a578b141f9408d355522b6 2008.0/i586/ntp-doc-4.2.4-10.3mdv2008.0.i586.rpm \n 167e3a9dbf1bd10fd576e6a91a2cbc10 2008.0/SRPMS/ntp-4.2.4-10.3mdv2008.0.src.rpm\n\n Mandriva Linux 2008.0/X86_64:\n 4fa28ef04548ded3dc604ea61a671cc5 2008.0/x86_64/ntp-4.2.4-10.3mdv2008.0.x86_64.rpm\n b79353be7c2da1fadf3bc55c2c06a6a6 2008.0/x86_64/ntp-client-4.2.4-10.3mdv2008.0.x86_64.rpm\n c93dd45fc32ece044874c09aac85ce66 2008.0/x86_64/ntp-doc-4.2.4-10.3mdv2008.0.x86_64.rpm \n 167e3a9dbf1bd10fd576e6a91a2cbc10 2008.0/SRPMS/ntp-4.2.4-10.3mdv2008.0.src.rpm\n\n Mandriva Linux 2009.0:\n 6a38837b845970b62520f48273362485 2009.0/i586/ntp-4.2.4-18.5mdv2009.0.i586.rpm\n 4f9d98a186c4ca4348f8296fde0bf174 2009.0/i586/ntp-client-4.2.4-18.5mdv2009.0.i586.rpm\n 0ae26de5f1bddba4c2718a55463d94b7 2009.0/i586/ntp-doc-4.2.4-18.5mdv2009.0.i586.rpm \n 45b55bdbde84289b20e295b9dbf188fb 2009.0/SRPMS/ntp-4.2.4-18.5mdv2009.0.src.rpm\n\n Mandriva Linux 2009.0/X86_64:\n e31f3f71e730e5777d9832cd76430b17 2009.0/x86_64/ntp-4.2.4-18.5mdv2009.0.x86_64.rpm\n 67a998da616d287fe9e15092bbd45ff6 2009.0/x86_64/ntp-client-4.2.4-18.5mdv2009.0.x86_64.rpm\n ab02dd7a3457f0ba75248390827c69a4 2009.0/x86_64/ntp-doc-4.2.4-18.5mdv2009.0.x86_64.rpm \n 45b55bdbde84289b20e295b9dbf188fb 2009.0/SRPMS/ntp-4.2.4-18.5mdv2009.0.src.rpm\n\n Mandriva Linux 2009.1:\n b6597f0ee96ec99c7ddbe5e18a588e48 2009.1/i586/ntp-4.2.4-22.3mdv2009.1.i586.rpm\n 069667f851886c39daa0309a5e920619 2009.1/i586/ntp-client-4.2.4-22.3mdv2009.1.i586.rpm\n 9d5b87f008f00ad30b3c652e5f62eea2 2009.1/i586/ntp-doc-4.2.4-22.3mdv2009.1.i586.rpm \n e2686dd1237f529bb08f2837052fb46f 2009.1/SRPMS/ntp-4.2.4-22.3mdv2009.1.src.rpm\n\n Mandriva Linux 2009.1/X86_64:\n e88121b38c942c572b61ba7631130104 2009.1/x86_64/ntp-4.2.4-22.3mdv2009.1.x86_64.rpm\n c10eaf7ecbeb3b5db5eac978cb2ae78e 2009.1/x86_64/ntp-client-4.2.4-22.3mdv2009.1.x86_64.rpm\n 8ff34e79ed1f88fa2e7b7e8030232a30 2009.1/x86_64/ntp-doc-4.2.4-22.3mdv2009.1.x86_64.rpm \n e2686dd1237f529bb08f2837052fb46f 2009.1/SRPMS/ntp-4.2.4-22.3mdv2009.1.src.rpm\n\n Mandriva Linux 2010.0:\n 2913258a9be65654a3ce5e16c1bd5b25 2010.0/i586/ntp-4.2.4-27.1mdv2010.0.i586.rpm\n 90cf8d7f8fb468461f8b8baf7d97daa4 2010.0/i586/ntp-client-4.2.4-27.1mdv2010.0.i586.rpm\n 0b8527559ef05049461cea2f5a83bd6d 2010.0/i586/ntp-doc-4.2.4-27.1mdv2010.0.i586.rpm \n 7bbd4271086ace434dd8a958bc7c2488 2010.0/SRPMS/ntp-4.2.4-27.1mdv2010.0.src.rpm\n\n Mandriva Linux 2010.0/X86_64:\n 2e938e58d48f3f581ffaab085dacc1f2 2010.0/x86_64/ntp-4.2.4-27.1mdv2010.0.x86_64.rpm\n cde3421867c549169751f2964420a578 2010.0/x86_64/ntp-client-4.2.4-27.1mdv2010.0.x86_64.rpm\n d9799e7286a49420699d3995e8bc1e47 2010.0/x86_64/ntp-doc-4.2.4-27.1mdv2010.0.x86_64.rpm \n 7bbd4271086ace434dd8a958bc7c2488 2010.0/SRPMS/ntp-4.2.4-27.1mdv2010.0.src.rpm\n\n Corporate 3.0:\n 65dda36544e7a43175abfd64aa725b34 corporate/3.0/i586/ntp-4.2.0-2.4.C30mdk.i586.rpm \n a485cad0631598335af0e89ea399ff9d corporate/3.0/SRPMS/ntp-4.2.0-2.4.C30mdk.src.rpm\n\n Corporate 3.0/X86_64:\n 44130a38552f20b3f34d176c47aa5aab corporate/3.0/x86_64/ntp-4.2.0-2.4.C30mdk.x86_64.rpm \n a485cad0631598335af0e89ea399ff9d corporate/3.0/SRPMS/ntp-4.2.0-2.4.C30mdk.src.rpm\n\n Corporate 4.0:\n a2f5a598865d390f7c537fc9e1a9a758 corporate/4.0/i586/ntp-4.2.0-21.7.20060mlcs4.i586.rpm\n f7eb3884bc0aa71f8237d9500d24489e corporate/4.0/i586/ntp-client-4.2.0-21.7.20060mlcs4.i586.rpm \n d2ed46d981570f66763f85c822b14179 corporate/4.0/SRPMS/ntp-4.2.0-21.7.20060mlcs4.src.rpm\n\n Corporate 4.0/X86_64:\n 1bd4395c9c80b583bad4ce5085c0d557 corporate/4.0/x86_64/ntp-4.2.0-21.7.20060mlcs4.x86_64.rpm\n 95f812f672cf79fccee411154c23d6ee corporate/4.0/x86_64/ntp-client-4.2.0-21.7.20060mlcs4.x86_64.rpm \n d2ed46d981570f66763f85c822b14179 corporate/4.0/SRPMS/ntp-4.2.0-21.7.20060mlcs4.src.rpm\n\n Mandriva Enterprise Server 5:\n 16e3975f3e4bb9a830eb1e8166f2fec7 mes5/i586/ntp-4.2.4-18.5mdvmes5.i586.rpm\n 2af9623d6f3685d54dd4db31f9622f7a mes5/i586/ntp-client-4.2.4-18.5mdvmes5.i586.rpm\n 5abb771d456b4094d123c5cf24701aee mes5/i586/ntp-doc-4.2.4-18.5mdvmes5.i586.rpm \n 086a05988392a6602c023f4e453bcc32 mes5/SRPMS/ntp-4.2.4-18.5mdvmes5.src.rpm\n\n Mandriva Enterprise Server 5/X86_64:\n 9b40b186bf9ebeb70c1350f9a158ac92 mes5/x86_64/ntp-4.2.4-18.5mdvmes5.x86_64.rpm\n f4a42229dc9b408b04f0c83aa3a25720 mes5/x86_64/ntp-client-4.2.4-18.5mdvmes5.x86_64.rpm\n 2022447e5d9dbf6ee1a6e594935b1d04 mes5/x86_64/ntp-doc-4.2.4-18.5mdvmes5.x86_64.rpm \n 086a05988392a6602c023f4e453bcc32 mes5/SRPMS/ntp-4.2.4-18.5mdvmes5.src.rpm\n\n Multi Network Firewall 2.0:\n 56a2596fd513295f0700508c08a6a3da mnf/2.0/i586/ntp-4.2.0-2.4.C30mdk.i586.rpm \n f8218643f02c3168e0331852630835a0 mnf/2.0/SRPMS/ntp-4.2.0-2.4.C30mdk.src.rpm\n _______________________________________________________________________\n\n To upgrade automatically use MandrivaUpdate or urpmi. The verification\n of md5 checksums and GPG signatures is performed automatically for you. \n\n All packages are signed by Mandriva for security. You can obtain the\n GPG public key of the Mandriva Security Team by executing:\n\n gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98\n\n You can view other update advisories for Mandriva Linux at:\n\n http://www.mandriva.com/security/advisories\n\n If you want to report vulnerabilities, please contact\n\n security_(at)_mandriva.com\n _______________________________________________________________________\n\n Type Bits/KeyID Date User ID\n pub 1024D/22458A98 2000-07-10 Mandriva Security Team\n \u003csecurity*mandriva.com\u003e\n-----BEGIN PGP SIGNATURE-----\nVersion: GnuPG v1.4.9 (GNU/Linux)\n\niD8DBQFLHtsAmqjQ0CJFipgRAi1pAKDUH87qI312n3XHGnl4TgVNC+IuvACbBhUw\nnLO5FqSyfvZaqSNZ93vTSUw=\n=XCg1\n-----END PGP SIGNATURE-----\n. -----BEGIN PGP SIGNED MESSAGE-----\nHash: SHA1\n\n- ------------------------------------------------------------------------\n VMware Security Advisory\n\nAdvisory ID: VMSA-2010-0004\nSynopsis: ESX Service Console and vMA third party updates\nIssue date: 2010-03-03\nUpdated on: 2010-03-03 (initial release of advisory)\nCVE numbers: CVE-2009-2905 CVE-2008-4552 CVE-2008-4316\n CVE-2009-1377 CVE-2009-1378 CVE-2009-1379\n CVE-2009-1386 CVE-2009-1387 CVE-2009-0590\n CVE-2009-4022 CVE-2009-3560 CVE-2009-3720\n CVE-2009-2904 CVE-2009-3563 CVE-2009-2695\n CVE-2009-2849 CVE-2009-2695 CVE-2009-2908\n CVE-2009-3228 CVE-2009-3286 CVE-2009-3547\n CVE-2009-3613 CVE-2009-3612 CVE-2009-3620\n CVE-2009-3621 CVE-2009-3726 CVE-2008-3916\n CVE-2009-1189 CVE-2009-0115\n\n- ------------------------------------------------------------------------\n\n1. Summary\n\n ESX Service Console updates for newt, nfs-utils, and glib2 packages. \n\n vMA updates for newt, nfs-util, glib2, kpartx, libvolume-id,\n device-mapper-multipath, fipscheck, dbus, dbus-libs, ed, openssl,\n bind, expat, openssh, ntp and kernel packages. \n\n2. Relevant releases\n\n VMware ESX 4.0.0 without patch ESX400-201002404-SG, ESX400-201002407-SG,\n ESX400-201002406-SG\n\n VMware vMA 4.0 before patch 3\n\n3. Problem Description\n\n a. vMA and Service Console update for newt to 0.52.2-12.el5_4.1\n\n Newt is a programming library for color text mode, widget based\n user interfaces. Newt can be used to add stacked windows, entry\n widgets, checkboxes, radio buttons, labels, plain text fields,\n scrollbars, etc., to text mode user interfaces. \n\n A heap-based buffer overflow flaw was found in the way newt\n processes content that is to be displayed in a text dialog box. \n A local attacker could issue a specially-crafted text dialog box\n display request (direct or via a custom application), leading to a\n denial of service (application crash) or, potentially, arbitrary\n code execution with the privileges of the user running the\n application using the newt library. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-2905 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.0 ESX ESX400-201002406-SG\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 2.5.5 ESX not affected\n\n vMA 4.0 RHEL5 Patch 3\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n b. vMA and Service Console update for vMA package nfs-utils to\n 1.0.9-42.el5\n\n The nfs-utils package provides a daemon for the kernel NFS server\n and related tools. \n\n It was discovered that nfs-utils did not use tcp_wrappers\n correctly. Certain hosts access rules defined in \"/etc/hosts.allow\"\n and \"/etc/hosts.deny\" may not have been honored, possibly allowing\n remote attackers to bypass intended access restrictions. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2008-4552 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.0 ESX ESX400-201002407-SG\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 2.5.5 ESX not affected\n\n vMA 4.0 RHEL5 Patch 3\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n c. vMA and Service Console package glib2 updated to 2.12.3-4.el5_3.1\n\n GLib is the low-level core library that forms the basis for projects\nsuch\n as GTK+ and GNOME. It provides data structure handling for C,\n portability wrappers, and interfaces for such runtime functionality\n as an event loop, threads, dynamic loading, and an object system. \n\n Multiple integer overflows in glib/gbase64.c in GLib before 2.20\n allow context-dependent attackers to execute arbitrary code via a\n long string that is converted either from or to a base64\n representation. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2008-4316 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.0 ESX ESX400-201002404-SG\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 2.5.5 ESX not affected\n\n vMA 4.0 RHEL5 Patch 3\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n d. vMA and Service Console update for openssl to 0.9.8e-12.el5\n\n SSL is a toolkit implementing SSL v2/v3 and TLS protocols with full-\n strength cryptography world-wide. \n\n Multiple denial of service flaws were discovered in OpenSSL\u0027s DTLS\n implementation. A remote attacker could use these flaws to cause a\n DTLS server to use excessive amounts of memory, or crash on an\n invalid memory access or NULL pointer dereference. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the names CVE-2009-1377, CVE-2009-1378,\n CVE-2009-1379, CVE-2009-1386, CVE-2009-1387 to these issues. \n\n An input validation flaw was found in the handling of the BMPString\n and UniversalString ASN1 string types in OpenSSL\u0027s\n ASN1_STRING_print_ex() function. An attacker could use this flaw to\n create a specially-crafted X.509 certificate that could cause\n applications using the affected function to crash when printing\n certificate contents. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-0590 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.0 ESX affected, patch pending\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 2.5.5 ESX not affected\n\n vMA 4.0 RHEL5 Patch 3\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n e. vMA and Service Console package bind updated to 9.3.6-4.P1.el5_4.1\n\n It was discovered that BIND was incorrectly caching responses\n without performing proper DNSSEC validation, when those responses\n were received during the resolution of a recursive client query\n that requested DNSSEC records but indicated that checking should be\n disabled. A remote attacker could use this flaw to bypass the DNSSEC\n validation check and perform a cache poisoning attack if the target\n BIND server was receiving such client queries. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-4022 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not applicable\n\n ESX 4.0 ESX affected, patch pending\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 2.5.5 ESX not affected\n\n vMA 4.0 RHEL5 Patch 3\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n f. vMA and Service Console package expat updated to 1.95.8-8.3.el5_4.2. \n\n Two buffer over-read flaws were found in the way Expat handled\n malformed UTF-8 sequences when processing XML files. A specially-\n crafted XML file could cause applications using Expat to fail while\n parsing the file. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the names CVE-2009-3560 and CVE-2009-3720 to these\n issues. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not applicable\n\n ESX 4.0 ESX affected, patch pending\n ESX 3.5 ESX affected, patch pending\n ESX 3.0.3 ESX affected, patch pending\n ESX 2.5.5 ESX affected, patch pending\n\n vMA 4.0 RHEL5 Patch 3\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n g. vMA and Service Console package openssh update to 4.3p2-36.el5_4.2\n \n A Red Hat specific patch used in the openssh packages as shipped in\n Red Hat Enterprise Linux 5.4 (RHSA-2009:1287) loosened certain\n ownership requirements for directories used as arguments for the\n ChrootDirectory configuration options. A malicious user that also\n has or previously had non-chroot shell access to a system could\n possibly use this flaw to escalate their privileges and run\n commands as any system user. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-2904 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not applicable\n\n ESX 4.0 ESX affected, patch pending\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 2.5.5 ESX not affected\n\n vMA 4.0 RHEL5 Patch 3\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n h. vMA and Service Console package ntp updated to\n ntp-4.2.2p1-9.el5_4.1.i386.rpm\n\n A flaw was discovered in the way ntpd handled certain malformed NTP\n packets. ntpd logged information about all such packets and replied\n with an NTP packet that was treated as malformed when received by\n another ntpd. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the name CVE-2009-3563 to this issue. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not applicable\n\n ESX 4.0 ESX affected, patch pending\n ESX 3.5 ESX affected, patch pending\n ESX 3.0.3 ESX affected, patch pending\n ESX 2.5.5 ESX affected, patch pending\n\n vMA 4.0 RHEL5 Patch 3\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n i. vMA update for package kernel to 2.6.18-164.9.1.el5\n\n Updated vMA package kernel addresses the security issues listed\n below. \n \n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the name CVE-2009-2849 to the security issue fixed in\n kernel 2.6.18-128.2.1\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-2695, CVE-2009-2908, CVE-2009-3228,\n CVE-2009-3286, CVE-2009-3547, CVE-2009-3613 to the security issues\n fixed in kernel 2.6.18-128.6.1\n\n The Common Vulnerabilities and Exposures project (cve.mitre.org)\n has assigned the names CVE-2009-3612, CVE-2009-3620, CVE-2009-3621,\n CVE-2009-3726 to the security issues fixed in kernel\n 2.6.18-128.9.1\n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.0 ESX affected, patch pending\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 2.5.5 ESX not affected\n\n vMA 4.0 RHEL5 Patch 3 **\n\n * hosted products are VMware Workstation, Player, ACE, Fusion. \n\n ** vMA is updated to kernel version 2.6.18-164.9.1\n\n j. vMA 4.0 updates for the packages kpartx, libvolume-id,\n device-mapper-multipath, fipscheck, dbus, dbus-libs, and ed\n\n kpartx updated to 0.4.7-23.el5_3.4, libvolume-id updated to\n 095-14.20.el5 device-mapper-multipath package updated to\n 0.4.7-23.el5_3.4, fipscheck updated to 1.0.3-1.el5, dbus\n updated to 1.1.2-12.el5, dbus-libs updated to 1.1.2-12.el5,\n and ed package updated to 0.2-39.el5_2. \n\n The Common Vulnerabilities and Exposures Project (cve.mitre.org)\n has assigned the names CVE-2008-3916, CVE-2009-1189 and\n CVE-2009-0115 to these issues. \n\n The following table lists what action remediates the vulnerability\n (column 4) if a solution is available. \n\n VMware Product Running Replace with/\n Product Version on Apply Patch\n ============= ======== ======= =================\n VirtualCenter any Windows not affected\n\n hosted * any any not affected\n\n ESXi any ESXi not affected\n\n ESX 4.0 ESX not affected\n ESX 3.5 ESX not affected\n ESX 3.0.3 ESX not affected\n ESX 3.0.2 ESX not affected\n ESX 2.5.5 ESX not affected\n\n vMA 4.0 RHEL5 Patch 3\n\n * hosted products are VMware Workstation, Player, ACE, Server, Fusion. \n\n4. Solution\n\n Please review the patch/release notes for your product and version\n and verify the md5sum of your downloaded file. \n\n ESX 4.0\n -------\n \nhttps://hostupdate.vmware.com/software/VUM/OFFLINE/release-192-20100228-732\n240/ESX400-201002001.zip\n md5sum: de62cbccaffa4b2b6831617f18c1ccb4\n sha1sum: 4083f191fa4acd6600c9a87e4852f9f5700e91ab\n http://kb.vmware.com/kb/1018403\n\n Note: ESX400-201002001 contains the following security bulletins\n ESX400-201002404-SG, ESX400-201002407-SG, and ESX400-201002406-SG. \n\n To install an individual bulletin use esxupdate with the -b option. \n esxupdate --bundle ESX400-201002001.zip -b ESX400-201002404-SG \\\n -b ESX400-201002407-SG -b ESX400-201002406-SG update\n\n vMA 4.0\n -------\n To update VIMA\n 1 Log in to VIMA as vi-admin. \n 2 type \u0027sudo /usr/sbin/vima-update update\u0027 this will apply all\n currently available updates. See http://tinyurl.com/yfekgrx\n for more information. \n\n5. References\n\n CVE numbers\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2905\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4552\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4316\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1377\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1378\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1379 \n \n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1386\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1387\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0590\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-4022\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3560\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3720\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2904\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2695\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2849\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2695\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-2908\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3228\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3286\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3547\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3613\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3612\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3620\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3621\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3726\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-3916\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-1189\n http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0115\n\n- ------------------------------------------------------------------------\n6. Change log\n\n2010-03-03 VMSA-2010-0004\nInitial security advisory after release of bulletins for ESX 4.0\non 2010-03-03 and release of vMA Patch 3 on 2010-02-25. \n\n- -----------------------------------------------------------------------\n7. Contact\n\nE-mail list for product security notifications and announcements:\nhttp://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce\n\nThis Security Advisory is posted to the following lists:\n\n * security-announce at lists.vmware.com\n * bugtraq at securityfocus.com\n * full-disclosure at lists.grok.org.uk\n\nE-mail: security at vmware.com\nPGP key at: http://kb.vmware.com/kb/1055\n\nVMware Security Center\nhttp://www.vmware.com/security\n\nVMware security response policy\nhttp://www.vmware.com/support/policies/security_response.html\n\nGeneral support life cycle policy\nhttp://www.vmware.com/support/policies/eos.html\n\nVMware Infrastructure support life cycle policy\nhttp://www.vmware.com/support/policies/eos_vi.html\n\nCopyright 2010 VMware Inc. All rights reserved. \n\n-----BEGIN PGP SIGNATURE-----\nVersion: PGP Desktop 9.8.3 (Build 4028)\nCharset: utf-8\n\nwj8DBQFLj1c6S2KysvBH1xkRAnl5AJ9RcHVB7qooSwOPFdVoDFTjohDypgCfZ44O\n2z0ICIcntM88ZONMfDNUM6Y=\n=14fN\n-----END PGP SIGNATURE-----\n. \n\n\nFor the oldstable distribution (etch), this problem has been fixed in\nversion 1:4.2.2.p4+dfsg-2etch4. \n\nFor the stable distribution (lenny), this problem has been fixed in\nversion 1:4.2.4p4+dfsg-8lenny3. \n\nFor the testing (squeeze) and unstable (sid) distribution, this problem\nwill be fixed soon. \n\n\nWe recommend that you upgrade your ntp packages. \n\nUpgrade instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file. \n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration. \n\n\nDebian GNU/Linux 4.0 alias etch\n- -------------------------------\n\nDebian (oldstable)\n- ------------------\n\nOldstable updates are available for alpha, amd64, arm, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4.dsc\n Size/MD5 checksum: 906 115e93f010e32aa1c90231461487503a\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg.orig.tar.gz\n Size/MD5 checksum: 2199764 ad746cda2d90dbb9ed06fe164273c5d0\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4.diff.gz\n Size/MD5 checksum: 182632 80aa236bd0a39096c5e5d462c0b9b279\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/n/ntp/ntp-refclock_4.2.2.p4+dfsg-2etch4_all.deb\n Size/MD5 checksum: 28596 df605f89c08a01116c2ff799777f6a2c\n http://security.debian.org/pool/updates/main/n/ntp/ntp-simple_4.2.2.p4+dfsg-2etch4_all.deb\n Size/MD5 checksum: 28594 0c683ac7e7f5b131515f956aed87de3d\n http://security.debian.org/pool/updates/main/n/ntp/ntp-doc_4.2.2.p4+dfsg-2etch4_all.deb\n Size/MD5 checksum: 912886 1af5a623cbf5f145f34dab7beefcd183\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_alpha.deb\n Size/MD5 checksum: 408070 ca33235c58a26ad1a839084b4f2d385c\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_alpha.deb\n Size/MD5 checksum: 65056 e527eb4c93d427c025374805fb5288cb\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_amd64.deb\n Size/MD5 checksum: 62258 13a4f4faaf699913e421c093e598f2a9\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_amd64.deb\n Size/MD5 checksum: 359384 1a289aa1f8439e2ef736cbf29bbe140f\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_arm.deb\n Size/MD5 checksum: 59784 8a84cae4e8f643cbd3ed684e5a7eb0ff\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_arm.deb\n Size/MD5 checksum: 344316 57066e8abfdf51c36d63600c993f3c20\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_hppa.deb\n Size/MD5 checksum: 372448 0b8f9b90bb03a2f572066fe8b47c7202\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_hppa.deb\n Size/MD5 checksum: 62160 88dc964fa357187ddc97d37513a863ba\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_i386.deb\n Size/MD5 checksum: 58316 90fc92e7a8f6582ee21076849ae0dfba\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_i386.deb\n Size/MD5 checksum: 333772 e5fbae24686d444fff118f3ce9cc45db\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_ia64.deb\n Size/MD5 checksum: 523358 0032e3c9bcb4a27a312a47fb95d1f9a1\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_ia64.deb\n Size/MD5 checksum: 74712 72c1b601f4beb41c6c04a54534ba9c51\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_mips.deb\n Size/MD5 checksum: 382868 2980d63a9ca6344e6a76698d0e808f8c\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_mips.deb\n Size/MD5 checksum: 63610 d523930b9b98d6353bf4e6fb7d7e57f5\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_mipsel.deb\n Size/MD5 checksum: 64134 e4042de5af081701911a7cece69c6cce\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_mipsel.deb\n Size/MD5 checksum: 390142 b50dc2bd5970f224b6994c460f8f560a\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_powerpc.deb\n Size/MD5 checksum: 358860 432b58ad621ac266455f7e5124d2eb1c\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_powerpc.deb\n Size/MD5 checksum: 61760 2c9dd1b3a8d61bece4f420e533b7a6eb\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_s390.deb\n Size/MD5 checksum: 350300 40a28748d5016101c179bd4a22c08390\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_s390.deb\n Size/MD5 checksum: 61242 14c08344bfd0561ced0d54aa2cd23a2e\n\nsparc architecture (Sun SPARC/UltraSPARC)\n\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_sparc.deb\n Size/MD5 checksum: 58584 0e573ef22b1514b12e01fa6ac2bb1ddb\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_sparc.deb\n Size/MD5 checksum: 332284 4589ff44bc97ad73513d8ba5419c7845\n\n\nDebian GNU/Linux 5.0 alias lenny\n- --------------------------------\n\nDebian (stable)\n- ---------------\n\nStable updates are available for alpha, amd64, arm, armel, hppa, i386, ia64, mips, mipsel, powerpc, s390 and sparc. \n\nSource archives:\n\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3.dsc\n Size/MD5 checksum: 1459 81e70fe84f27e3bfabdbfb9f3122492b\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg.orig.tar.gz\n Size/MD5 checksum: 2835029 dc2b3ac9cc04b0f29df35467514c9884\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3.diff.gz\n Size/MD5 checksum: 300928 b568f39eda3e46f27239ad44021f968c\n\nArchitecture independent packages:\n\n http://security.debian.org/pool/updates/main/n/ntp/ntp-doc_4.2.4p4+dfsg-8lenny3_all.deb\n Size/MD5 checksum: 927658 8db03976b7b105057ead2da4bae09219\n\nalpha architecture (DEC Alpha)\n\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_alpha.deb\n Size/MD5 checksum: 66706 9213dcba9a99fa363f0ce48c514a008b\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_alpha.deb\n Size/MD5 checksum: 538492 de37b288ef933f34446ab78a8d8ed76b\n\namd64 architecture (AMD x86_64 (AMD64))\n\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_amd64.deb\n Size/MD5 checksum: 63836 a0b5b030abe6a6c32591366febcec1d1\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_amd64.deb\n Size/MD5 checksum: 479472 277efe45a76a24da6ca14ae581d0a3a2\n\narm architecture (ARM)\n\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_arm.deb\n Size/MD5 checksum: 61220 d4905eea52795330e517acca903059f4\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_arm.deb\n Size/MD5 checksum: 448164 cc28e545eb359eba225abfcb02cc4377\n\narmel architecture (ARM EABI)\n\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_armel.deb\n Size/MD5 checksum: 62794 e5a43b8076a77643cc742348f0e63de1\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_armel.deb\n Size/MD5 checksum: 458908 3721b8d7b7a67b31db6249521dd9f015\n\nhppa architecture (HP PA RISC)\n\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_hppa.deb\n Size/MD5 checksum: 63872 53a7009f1888c06b162c258a9bb5d6fb\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_hppa.deb\n Size/MD5 checksum: 485744 b8e950ba02a13ecacfe332db56c0c887\n\ni386 architecture (Intel ia32)\n\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_i386.deb\n Size/MD5 checksum: 434672 6ccfb060f39cc56f39ef8806865b767d\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_i386.deb\n Size/MD5 checksum: 60114 2f0914ae2191ddf3f74529bc896299da\n\nia64 architecture (Intel ia64)\n\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_ia64.deb\n Size/MD5 checksum: 707812 eb960c732894d56589ba62d76c5ba568\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_ia64.deb\n Size/MD5 checksum: 76366 6b5b986e454276661e8b483f095bd16e\n\nmips architecture (MIPS (Big Endian))\n\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_mips.deb\n Size/MD5 checksum: 64116 ab287c70d2c2daf7b1a8808db8dcedc9\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_mips.deb\n Size/MD5 checksum: 490394 0009cb5333123767dc3afcde682d9e10\n\nmipsel architecture (MIPS (Little Endian))\n\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_mipsel.deb\n Size/MD5 checksum: 500786 3b842b738e616f301c31cd025c595235\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_mipsel.deb\n Size/MD5 checksum: 64776 fd31cdaa7a78d7e3fa072b746dd98e01\n\npowerpc architecture (PowerPC)\n\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_powerpc.deb\n Size/MD5 checksum: 490620 21d03b435c327c2884fe587a56fe10fb\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_powerpc.deb\n Size/MD5 checksum: 65470 6966f71002ae63c104e608af1a7daa3a\n\ns390 architecture (IBM S/390)\n\n http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_s390.deb\n Size/MD5 checksum: 63678 4b143ad2444681bdb1ee44d395996a29\n http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_s390.deb\n Size/MD5 checksum: 474000 6fb44a33381b0d582599eb33896d8f0f\n\n\n These files will probably be moved into the stable distribution on\n its next update. \n\nProduct/Patch kit\n ITRC Download Location\n MD5 and SHA1 Checksum\n\nHP Tru64 UNIX v 5.1B-4 PK6 (BL27)\n T64KIT1001787-V51BB27-ES-20100817\n http://www.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001787-V51BB27-ES-20100817\n MD5 results: 2b3a21a96b7855d9ca223f483bd5bfed\n SHA1 results: ac2221c9d025008b258ac8592a210e16e775fbcf\n\nHP Tru64 UNIX v 5.1B-5 PK7 (BL28)\n T64KIT1001786-V51BB28-ES-20100816\n http://www13.itrc.hp.com/service/patch/patchDetail.do?patchid=T64KIT1001786-V51BB28-ES-20100816\n MD5 results: b34d028797577408d565da27d93c30a9\n SHA1 results: b34d028797577408d565da27d93c30a9\n\nNote:\nThe patch kit installation instructions and the Patch Summary and Release Notes documents provide patch kit installation and removal instructions and a summary of each patch. Please read these documents prior to installing patches. \nHP TCP/IP Services for OpenVMS v5.4, v5.5, v5.6, and v5.7 (only affected by CVE-2009-3563) on Itanium and Alpha platforms. \nPatch kit installation instructions are provided in the file readme.txt . ESXi userworld update for ntp\n\n The Network Time Protocol (NTP) is used to synchronize the time of\n a computer client or server to another server or reference time\n source. \n\n A vulnerability was discovered which may allow remote attackers to\n spoof certificates by using MD2 design flaws to generate a hash\n collision in less than brute-force time. NOTE: the scope of this\n issue is currently limited because the amount of computation\n required is still large. \n\n This update also includes security fixes that were first addressed\n in version openssl-0.9.8e-12.el5.i386.rpm. \n\n Kerberos is a network authentication protocol. It is designed to\n provide strong authentication for client/server applications by\n using secret-key cryptography. This update fixes a flaw found in pam_krb5. In\n some non-default configurations (specifically, where pam_krb5 would\n be the first module to prompt for a password), a remote attacker\n could use this flaw to recognize valid usernames, which would aid a\n dictionary-based password guess attack. Service Console package bind updated to 9.3.6-4.P1.el5_4.2\n\n BIND (Berkeley Internet Name Daemon) is by far the most widely used\n Domain Name System (DNS) software on the Internet. \n\n A vulnerability was discovered which could allow remote attacker to\n add the Authenticated Data (AD) flag to a forged NXDOMAIN response\n for an existing domain. \n\n A vulnerability was found in the way that bind handles out-of-\n bailiwick data accompanying a secure response without re-fetching\n from the original source, which could allow remote attackers to\n have an unspecified impact via a crafted response. \n\n NOTE: ESX does not use the BIND name service daemon by default. Service Console package gcc updated to 3.2.3-60\n\n The GNU Compiler Collection includes front ends for C, C++,\n Objective-C, Fortran, Java, and Ada, as well as libraries for these\n languages\n\n GNU Libtool\u0027s ltdl.c attempts to open .la library files in the\n current working directory. This could allow a local user to gain\n privileges via a Trojan horse file. The GNU C Compiler collection\n (gcc) provided in ESX contains a statically linked version of the\n vulnerable code, and is being replaced. Service Console package sudo updated to 1.6.9p17-6.el5_4\n\n Sudo (su \"do\") allows a system administrator to delegate authority\n to give certain users (or groups of users) the ability to run some\n (or all) commands as root or another user while providing an audit\n trail of the commands and their arguments. \n\n When a pseudo-command is enabled, sudo permits a match between the\n name of the pseudo-command and the name of an executable file in an\n arbitrary directory, which allows local users to gain privileges\n via a crafted executable file. \n\n When the runas_default option is used, sudo does not properly set\n group memberships, which allows local users to gain privileges via\n a sudo command. \nCorrected: 2010-01-06 21:45:30 UTC (RELENG_8, 8.0-STABLE)\n 2010-01-06 21:45:30 UTC (RELENG_8_0, 8.0-RELEASE-p2)\n 2010-01-06 21:45:30 UTC (RELENG_7, 7.2-STABLE)\n 2010-01-06 21:45:30 UTC (RELENG_7_2, 7.2-RELEASE-p6)\n 2010-01-06 21:45:30 UTC (RELENG_7_1, 7.1-RELEASE-p10)\n 2010-01-06 21:45:30 UTC (RELENG_6, 6.4-STABLE)\n 2010-01-06 21:45:30 UTC (RELENG_6_4, 6.4-RELEASE-p9)\n 2010-01-06 21:45:30 UTC (RELENG_6_3, 6.3-RELEASE-p15)\nCVE Name: CVE-2009-3563\n\nFor general information regarding FreeBSD Security Advisories,\nincluding descriptions of the fields above, security branches, and the\nfollowing sections, please visit \u003cURL:http://security.FreeBSD.org/\u003e. \n\nII. \n\nIII. \n\nIV. Workaround\n\nProper filtering of mode 7 NTP packets by a firewall can limit the\nnumber of systems used to attack your resources. Solution\n\nPerform one of the following:\n\n1) Upgrade your vulnerable system to 6-STABLE, 7-STABLE or 8-STABLE,\nor to the RELENG_8_0, RELENG_7_2, RELENG_7_1, RELENG_6_4, or\nRELENG_6_3 security branch dated after the correction date. \n\n2) To patch your present system:\n\nThe following patches have been verified to apply to FreeBSD 6.3, 6.4,\n7.1, 7.2, and 8.0 systems. \n\na) Download the relevant patch from the location below, and verify the\ndetached PGP signature using your PGP utility. \n\n# fetch http://security.FreeBSD.org/patches/SA-10:02/ntpd.patch\n# fetch http://security.FreeBSD.org/patches/SA-10:02/ntpd.patch.asc\n\nb) Execute the following commands as root:\n\n# cd /usr/src\n# patch \u003c /path/to/patch\n# cd /usr/src/usr.sbin/ntp/ntpd\n# make obj \u0026\u0026 make depend \u0026\u0026 make \u0026\u0026 make install\n# /etc/rc.d/ntpd restart\n\nVI. Correction details\n\nThe following list contains the revision numbers of each file that was\ncorrected in FreeBSD. \n\nCVS:\n\nBranch Revision\n Path\n- -------------------------------------------------------------------------\nRELENG_6\n src/contrib/ntp/ntpd/ntp_request.c 1.1.1.4.8.2\nRELENG_6_4\n src/UPDATING 1.416.2.40.2.13\n src/sys/conf/newvers.sh 1.69.2.18.2.15\n src/contrib/ntp/ntpd/ntp_request.c 1.1.1.4.8.1.2.1\nRELENG_6_3\n src/UPDATING 1.416.2.37.2.20\n src/sys/conf/newvers.sh 1.69.2.15.2.19\n src/contrib/ntp/ntpd/ntp_request.c 1.1.1.4.20.1\nRELENG_7\n src/contrib/ntp/ntpd/ntp_request.c 1.1.1.4.18.2\nRELENG_7_2\n src/UPDATING 1.507.2.23.2.9\n src/sys/conf/newvers.sh 1.72.2.11.2.10\n src/contrib/ntp/ntpd/ntp_request.c 1.1.1.4.18.1.4.1\nRELENG_7_1\n src/UPDATING 1.507.2.13.2.13\n src/sys/conf/newvers.sh 1.72.2.9.2.14\n src/contrib/ntp/ntpd/ntp_request.c 1.1.1.4.18.1.2.1\nRELENG_8\n src/contrib/ntp/ntpd/ntp_request.c 1.2.2.1\nRELENG_8_0\n src/UPDATING 1.632.2.7.2.5\n src/sys/conf/newvers.sh 1.83.2.6.2.5\n src/contrib/ntp/ntpd/ntp_request.c 1.2.4.1\n- -------------------------------------------------------------------------\n\nSubversion:\n\nBranch/path Revision\n- -------------------------------------------------------------------------\nstable/6/ r201679\nreleng/6.4/ r201679\nreleng/6.3/ r201679\nstable/7/ r201679\nreleng/7.2/ r201679\nreleng/7.1/ r201679\nstable/8/ r201679\nreleng/8.0/ r201679\nhead/ r200576\n- -------------------------------------------------------------------------\n\nVII. \nThe upgrade is available by downloading from software.hp.com -\u003e HPUX 11i\nSoftware -\u003e Internet ready and networking -\u003e HP-UX Network Time Protocol\nversion 4 or directly from https://h20392.www2.hp.com/portal/swdepot/displayP\nroductInfo.do?productNumber=HPUX-NTP\nPlease review the Installation link at the bottom of the page. For other issues about\nthe content of this Security Bulletin, send e-mail to security-alert@hp.com. \n\nRelease Date: 2011-03-28\nLast Updated: 2011-03-24\n\n ------------------------------------------------------------------------------\n\nPotential Security Impact: Remote Denial of Service (DoS)\n\nSource: Hewlett-Packard Company, HP Software Security Response Team\n\nVULNERABILITY SUMMARY\nA potential security vulnerability has been identified with HP-UX running XNTP. The vulnerability could be exploited remotely create a Denial of Service (DoS). \n\nReferences: CVE-2009-3563\n\nSUPPORTED SOFTWARE VERSIONS*: ONLY impacted versions are listed. \nHP-UX B.11.11, B.11.23, B.11.31 running XNTP. \n\nBACKGROUND\n\nCVSS 2.0 Base Metrics\n===========================================================\n Reference Base Vector Base Score\nCVE-2009-3563 (AV:N/AC:L/Au:N/C:N/I:P/A:P) 6.4\n===========================================================\n Information on CVSS is documented\n in HP Customer Notice: HPSN-2008-002\n\nRESOLUTION\n\nHP has provided the following patches to resolve this vulnerability. \nThe patches are available by contacting HP Support. \n\nhttp://itrc.hp.com\n\nHP-UX Release / Patch ID\n\nB.11.11 (11i v1) / PHNE_41907\n\nB.11.23 (11i v2) / PHNE_41908\n\nB.11.31 (11i v3) / PHNE_41177\n\nMANUAL ACTIONS: No\n\nPRODUCT SPECIFIC INFORMATION\n\nHP-UX Software Assistant: HP-UX Software Assistant is an enhanced application that replaces HP-UX Security Patch Check. It analyzes all Security Bulletins issued by HP and lists recommended actions that may apply to a specific HP-UX system. It can also download patches and create a depot automatically. For more information see: https://www.hp.com/go/swa\n\nThe following text is for use by the HP-UX Software Assistant. \n\nAFFECTED VERSIONS\n\nHP-UX B.11.11\n==================\nInternetSrvcs.INETSVCS-BOOT\naction: install patch PHNE_41907 or subsequent\n\nHP-UX B.11.23\n==================\nInternetSrvcs.INETSVCS2-BOOT\naction: install patch PHNE_41908 or subsequent\n\nHP-UX B.11.31\n==================\nNTP.NTP-RUN\naction: install patch PHNE_41177 or subsequent\n\nEND AFFECTED VERSIONS\n\nHISTORY\nVersion:1 (rev.1) 28 March 2011 Initial release\n\nThird Party Security Patches: Third party security patches that are to be installed on systems running HP software products should be applied in accordance with the customer\u0027s patch management policy. \n\nSupport: For further information, contact normal HP Services support channel. \n\nReport: To report a potential security vulnerability with any HP supported product, send Email to: security-alert@hp.com\nIt is strongly recommended that security related information being communicated to HP be encrypted using PGP, especially exploit information. \nTo get the security-alert PGP key, please send an e-mail message as follows:\n To: security-alert@hp.com\n Subject: get key\nSubscribe: To initiate a subscription to receive future HP Security Bulletins via Email:\nhttp://h30046.www3.hp.com/driverAlertProfile.php?regioncode=NA\u0026langcode=USENG\u0026jumpid=in_SC-GEN__driverITRC\u0026topiccode=ITRC\nOn the web page: ITRC security bulletins and patch sign-up\nUnder Step1: your ITRC security bulletins and patches\n -check ALL categories for which alerts are required and continue. \nUnder Step2: your ITRC operating systems\n -verify your operating system selections are checked and save. \n\nTo update an existing subscription: http://h30046.www3.hp.com/subSignIn.php\nLog in on the web page: Subscriber\u0027s choice for Business: sign-in. \nOn the web page: Subscriber\u0027s Choice: your profile summary - use Edit Profile to update appropriate sections. \n\nTo review previously published Security Bulletins visit: http://www.itrc.hp.com/service/cki/secBullArchive.do\n\n* The Software Product Category that this Security Bulletin\nrelates to is represented by the 5th and 6th characters\nof the Bulletin number in the title:\n\nGN = HP General SW\nMA = HP Management Agents\nMI = Misc. 3rd Party SW\nMP = HP MPE/iX\nNS = HP NonStop Servers\nOV = HP OpenVMS\nPI = HP Printing \u0026 Imaging\nST = HP Storage SW\nTL = HP Trusted Linux\nTU = HP Tru64 UNIX\nUX = HP-UX\nVV = HP VirtualVault\n\nSystem management and security procedures must be reviewed frequently to maintain system integrity. HP is continually reviewing and enhancing the security features of software products to provide customers with current secure solutions. \n\n\"HP is broadly distributing this Security Bulletin in order to bring to the attention of users of the affected HP products the important security information contained in this Bulletin. HP recommends that all users determine the applicability of this information to their individual situations and take appropriate action. HP does not warrant that this information is necessarily accurate or complete for all user situations and, consequently, HP will not be responsible for any damages resulting from user\u0027s use or disregard of the information provided in this Bulletin. To the extent permitted by law, HP disclaims all warranties, either express or implied, including the warranties of merchantability and fitness for a particular purpose, title and non-infringement.\"\n\nCopyright 2009 Hewlett-Packard Development Company, L.P. \nHewlett-Packard Company shall not be liable for technical or editorial errors or omissions contained herein. The information provided is provided \"as is\" without warranty of any kind. To the extent permitted by law, neither HP or its affiliates, subcontractors or suppliers will be liable for incidental,special or consequential damages including downtime cost; lost profits;damages relating to the procurement of substitute products or services; or damages for loss of data, or software restoration. The information in this document is subject to change without notice. Hewlett-Packard Company and the names of Hewlett-Packard products referenced herein are trademarks of Hewlett-Packard Company in the United States and other countries. Other product and company names mentioned herein may be trademarks of their respective owners",
"sources": [
{
"db": "NVD",
"id": "CVE-2009-3563"
},
{
"db": "CERT/CC",
"id": "VU#568372"
},
{
"db": "CERT/CC",
"id": "VU#417980"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002446"
},
{
"db": "BID",
"id": "37255"
},
{
"db": "VULMON",
"id": "CVE-2009-3563"
},
{
"db": "PACKETSTORM",
"id": "83621"
},
{
"db": "PACKETSTORM",
"id": "86900"
},
{
"db": "PACKETSTORM",
"id": "83586"
},
{
"db": "PACKETSTORM",
"id": "94512"
},
{
"db": "PACKETSTORM",
"id": "105299"
},
{
"db": "PACKETSTORM",
"id": "90046"
},
{
"db": "PACKETSTORM",
"id": "84917"
},
{
"db": "PACKETSTORM",
"id": "121645"
},
{
"db": "PACKETSTORM",
"id": "99964"
}
],
"trust": 4.23
},
"external_ids": {
"_id": null,
"data": [
{
"db": "NVD",
"id": "CVE-2009-3563",
"trust": 6.2
},
{
"db": "CERT/CC",
"id": "VU#568372",
"trust": 3.7
},
{
"db": "BID",
"id": "37255",
"trust": 2.8
},
{
"db": "CERT/CC",
"id": "VU#417980",
"trust": 2.6
},
{
"db": "SECTRACK",
"id": "1023298",
"trust": 2.5
},
{
"db": "VUPEN",
"id": "ADV-2010-0510",
"trust": 1.9
},
{
"db": "SECUNIA",
"id": "38764",
"trust": 1.9
},
{
"db": "VUPEN",
"id": "ADV-2010-0528",
"trust": 1.1
},
{
"db": "VUPEN",
"id": "ADV-2010-0993",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "37922",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "37629",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "38832",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "38834",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "39593",
"trust": 1.1
},
{
"db": "SECUNIA",
"id": "38794",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10673",
"trust": 1.1
},
{
"db": "JUNIPER",
"id": "JSA10691",
"trust": 1.1
},
{
"db": "JVN",
"id": "JVNVU93188600",
"trust": 0.8
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002446",
"trust": 0.8
},
{
"db": "FEDORA",
"id": "FEDORA-2009-13090",
"trust": 0.6
},
{
"db": "FEDORA",
"id": "FEDORA-2009-13121",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2010:0095",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2009:1651",
"trust": 0.6
},
{
"db": "REDHAT",
"id": "RHSA-2009:1648",
"trust": 0.6
},
{
"db": "DEBIAN",
"id": "DSA-1948",
"trust": 0.6
},
{
"db": "CNNVD",
"id": "CNNVD-200912-113",
"trust": 0.6
},
{
"db": "VULMON",
"id": "CVE-2009-3563",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83621",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "86900",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "83586",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "94512",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "105299",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121022",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "90046",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "84917",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "121645",
"trust": 0.1
},
{
"db": "PACKETSTORM",
"id": "99964",
"trust": 0.1
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#568372"
},
{
"db": "CERT/CC",
"id": "VU#417980"
},
{
"db": "VULMON",
"id": "CVE-2009-3563"
},
{
"db": "BID",
"id": "37255"
},
{
"db": "PACKETSTORM",
"id": "83621"
},
{
"db": "PACKETSTORM",
"id": "86900"
},
{
"db": "PACKETSTORM",
"id": "83586"
},
{
"db": "PACKETSTORM",
"id": "94512"
},
{
"db": "PACKETSTORM",
"id": "105299"
},
{
"db": "PACKETSTORM",
"id": "121022"
},
{
"db": "PACKETSTORM",
"id": "90046"
},
{
"db": "PACKETSTORM",
"id": "84917"
},
{
"db": "PACKETSTORM",
"id": "121645"
},
{
"db": "PACKETSTORM",
"id": "99964"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-113"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002446"
},
{
"db": "NVD",
"id": "CVE-2009-3563"
}
]
},
"id": "VAR-200912-0769",
"iot": {
"_id": null,
"data": true,
"sources": [
{
"db": "VARIoT devices database",
"id": null
}
],
"trust": 0.42302127599999995
},
"last_update_date": "2026-03-07T20:12:15.882000Z",
"patch": {
"_id": null,
"data": [
{
"title": "NV10-001 Fujitsu Fujitsu \u00a0 Security information",
"trust": 0.8,
"url": "http://www14.software.ibm.com/webapp/set2/subscriptions/pqvcmjd?mode=18\u0026ID=4958"
},
{
"title": "Debian CVElist Bug Report Logs: ntp: CVE-2009-3563 DoS through mode 7 packets",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_cvelist_bugreportlogs\u0026qid=6af87915827741e9268f059d7932cd80"
},
{
"title": "Ubuntu Security Notice: ntp vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=ubuntu_security_notice\u0026qid=USN-867-1"
},
{
"title": "Debian Security Advisories: DSA-1948-1 ntp -- denial of service",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=dccc5b29483e1b8bed9fa984fc8c8c6e"
},
{
"title": "Cisco: Network Time Protocol Package Remote\u00a0Message Loop Denial of Service\u00a0Vulnerability",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=cisco_security_advisories_and_alerts_ciscoproducts\u0026qid=Cisco-SA-20091208-CVE-2009-3563"
},
{
"title": "Debian Security Advisories: DSA-1992-1 chrony -- several vulnerabilities",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=debian_security_advisories\u0026qid=0329811e8a24491e35ce229b8b52259d"
},
{
"title": "VMware Security Advisories: ESX Service Console and vMA third party updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=5f45ebecc93cf53cc0b45af03208cba6"
},
{
"title": "VMware Security Advisories: ESXi utilities and ESX Service Console third party updates",
"trust": 0.1,
"url": "https://vulmon.com/vendoradvisory?qidtp=vmware_security_advisories\u0026qid=9ca0d654a28a118d1f99d0ae3b1753e8"
}
],
"sources": [
{
"db": "VULMON",
"id": "CVE-2009-3563"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002446"
}
]
},
"problemtype_data": {
"_id": null,
"data": [
{
"problemtype": "NVD-CWE-Other",
"trust": 1.0
},
{
"problemtype": "design issues (CWE-DesignError) [NVD evaluation ]",
"trust": 0.8
}
],
"sources": [
{
"db": "JVNDB",
"id": "JVNDB-2009-002446"
},
{
"db": "NVD",
"id": "CVE-2009-3563"
}
]
},
"references": {
"_id": null,
"data": [
{
"trust": 3.0,
"url": "http://www.kb.cert.org/vuls/id/568372"
},
{
"trust": 2.5,
"url": "http://security-tracker.debian.org/tracker/cve-2009-3563"
},
{
"trust": 2.5,
"url": "http://securitytracker.com/id?1023298"
},
{
"trust": 2.5,
"url": "http://www.securityfocus.com/bid/37255"
},
{
"trust": 2.3,
"url": "https://support.ntp.org/bugs/show_bug.cgi?id=1331"
},
{
"trust": 1.9,
"url": "http://www.vupen.com/english/advisories/2010/0510"
},
{
"trust": 1.9,
"url": "http://secunia.com/advisories/38764"
},
{
"trust": 1.8,
"url": "http://support.ntp.org/bin/view/main/securitynotice#dos_attack_from_certain_ntp_mode"
},
{
"trust": 1.8,
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074"
},
{
"trust": 1.7,
"url": "https://rhn.redhat.com/errata/rhsa-2009-1651.html"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/mapg-7x7vd7"
},
{
"trust": 1.7,
"url": "http://www.debian.org/security/2009/dsa-1948"
},
{
"trust": 1.7,
"url": "https://rhn.redhat.com/errata/rhsa-2009-1648.html"
},
{
"trust": 1.7,
"url": "http://www.kb.cert.org/vuls/id/mapg-7x7v6j"
},
{
"trust": 1.7,
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=531213"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00809.html"
},
{
"trust": 1.7,
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-december/msg00763.html"
},
{
"trust": 1.7,
"url": "https://rhn.redhat.com/errata/rhsa-2010-0095.html"
},
{
"trust": 1.6,
"url": "http://www.ubuntu.com/usn/usn-867-1"
},
{
"trust": 1.6,
"url": "http://tools.cisco.com/security/center/viewalert.x?alertid=19540"
},
{
"trust": 1.4,
"url": "http://support.avaya.com/css/p8/documents/100071808"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1iz71047"
},
{
"trust": 1.4,
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1iz68659"
},
{
"trust": 1.1,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-66-275590-1"
},
{
"trust": 1.1,
"url": "https://lists.ntp.org/pipermail/announce/2009-december/000086.html"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/37922"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/37629"
},
{
"trust": 1.1,
"url": "http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/38794"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/0528"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/38832"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/38834"
},
{
"trust": 1.1,
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
},
{
"trust": 1.1,
"url": "ftp://ftp.netbsd.org/pub/netbsd/security/advisories/netbsd-sa2010-005.txt.asc"
},
{
"trust": 1.1,
"url": "http://secunia.com/advisories/39593"
},
{
"trust": 1.1,
"url": "http://www.vupen.com/english/advisories/2010/0993"
},
{
"trust": 1.1,
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
},
{
"trust": 1.1,
"url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10691"
},
{
"trust": 1.1,
"url": "http://kb.juniper.net/infocenter/index?page=content\u0026id=jsa10673"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a7076"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a19376"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a12141"
},
{
"trust": 1.1,
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3aorg.mitre.oval%3adef%3a11225"
},
{
"trust": 1.0,
"url": "https://www.kb.cert.org/vuls/id/417980"
},
{
"trust": 0.9,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3563"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc2827"
},
{
"trust": 0.8,
"url": "http://tools.ietf.org/html/rfc3704"
},
{
"trust": 0.8,
"url": "http://www.ntp.org/downloads.html"
},
{
"trust": 0.8,
"url": "http://bugs.gentoo.org/show_bug.cgi?id=290881"
},
{
"trust": 0.8,
"url": "http://jvn.jp/cert/jvnvu568372/"
},
{
"trust": 0.8,
"url": "https://jvn.jp/vu/jvnvu93188600/index.html"
},
{
"trust": 0.8,
"url": "http://web.nvd.nist.gov/view/vuln/detail?vulnid=cve-2009-3563"
},
{
"trust": 0.8,
"url": "https://kb.cert.org/vuls/id/417980"
},
{
"trust": 0.4,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3563"
},
{
"trust": 0.3,
"url": "http://blogs.oracle.com/sunsecurity/entry/multiple_vulnerabilities_in_network_time"
},
{
"trust": 0.3,
"url": "http://support.nortel.com/go/main.jsp?cscat=bltndetail\u0026id=985679"
},
{
"trust": 0.3,
"url": "http://www.ntp.org/"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100073364"
},
{
"trust": 0.3,
"url": "http://support.avaya.com/css/p8/documents/100071806"
},
{
"trust": 0.3,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0159"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1386"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2908"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1377"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3620"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/security"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1387"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3228"
},
{
"trust": 0.2,
"url": "http://kb.vmware.com/kb/1055"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1378"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2695"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3621"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/support/policies/security_response.html"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3547"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3286"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3613"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2695"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/support/policies/eos.html"
},
{
"trust": 0.2,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2908"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0590"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3726"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3612"
},
{
"trust": 0.2,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1379"
},
{
"trust": 0.2,
"url": "http://lists.vmware.com/cgi-bin/mailman/listinfo/security-announce"
},
{
"trust": 0.2,
"url": "http://www.vmware.com/support/policies/eos_vi.html"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/subsignin.php"
},
{
"trust": 0.2,
"url": "http://www.itrc.hp.com/service/cki/secbullarchive.do"
},
{
"trust": 0.2,
"url": "http://h30046.www3.hp.com/driveralertprofile.php?regioncode=na\u0026langcode=useng\u0026jumpid=in_sc-gen__driveritrc\u0026topiccode=itrc"
},
{
"trust": 0.2,
"url": "http://h41183.www4.hp.com/signup_alerts.php?jumpid=hpsc_secbulletins"
},
{
"trust": 0.2,
"url": "https://www.hp.com/go/swa"
},
{
"trust": 0.1,
"url": "https://cwe.mitre.org/data/definitions/.html"
},
{
"trust": 0.1,
"url": "https://usn.ubuntu.com/867-1/"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov"
},
{
"trust": 0.1,
"url": "http://tools.cisco.com/security/center/content/ciscosecurityadvisory/cisco-sa-20091208-cve-2009-3563"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/"
},
{
"trust": 0.1,
"url": "http://www.mandriva.com/security/advisories"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4022"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3720"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4552"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1377"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3560"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2904"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2849"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2905"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-3916"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1189"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4552"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1386"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3720"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4022"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0590"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1387"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2849"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2008-4316"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3560"
},
{
"trust": 0.1,
"url": "http://tinyurl.com/yfekgrx"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-0115"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1379"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2008-4316"
},
{
"trust": 0.1,
"url": "https://hostupdate.vmware.com/software/vum/offline/release-192-20100228-732"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2905"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2904"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1378"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1018403"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp-doc_4.2.2.p4+dfsg-2etch4_all.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/faq"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3.dsc"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_i386.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp-simple_4.2.2.p4+dfsg-2etch4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp-refclock_4.2.2.p4+dfsg-2etch4_all.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_hppa.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_s390.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg.orig.tar.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_mips.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_mipsel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_amd64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4.diff.gz"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_alpha.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_powerpc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.4p4+dfsg-8lenny3_armel.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/"
},
{
"trust": 0.1,
"url": "http://packages.debian.org/\u003cpkg\u003e"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_arm.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp-doc_4.2.4p4+dfsg-8lenny3_all.deb"
},
{
"trust": 0.1,
"url": "http://www.debian.org/security/"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.2.p4+dfsg-2etch4_sparc.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntpdate_4.2.2.p4+dfsg-2etch4_ia64.deb"
},
{
"trust": 0.1,
"url": "http://security.debian.org/pool/updates/main/n/ntp/ntp_4.2.4p4+dfsg-8lenny3_ia64.deb"
},
{
"trust": 0.1,
"url": "http://www13.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001786-v51bb28-es-20100816"
},
{
"trust": 0.1,
"url": "http://www.itrc.hp.com/service/patch/patchdetail.do?patchid=t64kit1001787-v51bb27-es-20100817"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/"
},
{
"trust": 0.1,
"url": "https://h20566.www2.hp.com/portal/site/hpsc/public/kb/docdisplay/?docid=emr_na-c02964430"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-1252"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-0158"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3547"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3286"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3080"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2007-4567"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0001"
},
{
"trust": 0.1,
"url": "http://bit.ly/aqtcqn"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2007-4567"
},
{
"trust": 0.1,
"url": "http://kb.vmware.com/kb/1013127"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4536"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2409"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4536"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4021"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0427"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0426"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3621"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2006-6304"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3939"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4020"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3736"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3556"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4538"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0097"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4537"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0290"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3612"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4138"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4272"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2010-0382"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1384"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4355"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4141"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3613"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4538"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3620"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3080"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2006-6304"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-2910"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3556"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-4212"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-4537"
},
{
"trust": 0.1,
"url": "http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-3889"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-2910"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3228"
},
{
"trust": 0.1,
"url": "https://nvd.nist.gov/vuln/detail/cve-2009-3726"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-10:02/ntpd.patch"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/\u003e."
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/patches/sa-10:02/ntpd.patch.asc"
},
{
"trust": 0.1,
"url": "http://security.freebsd.org/advisories/freebsd-sa-10:02.ntpd.asc"
},
{
"trust": 0.1,
"url": "https://h20392.www2.hp.com/portal/swdepot/displayp"
},
{
"trust": 0.1,
"url": "https://h20564.www2.hp.com/portal/site/hpsc/public/kb/"
},
{
"trust": 0.1,
"url": "http://h20564.www2.hp.com/portal/site/hpsc/public/kb/secbullarchive/"
},
{
"trust": 0.1,
"url": "http://itrc.hp.com"
}
],
"sources": [
{
"db": "CERT/CC",
"id": "VU#568372"
},
{
"db": "VULMON",
"id": "CVE-2009-3563"
},
{
"db": "BID",
"id": "37255"
},
{
"db": "PACKETSTORM",
"id": "83621"
},
{
"db": "PACKETSTORM",
"id": "86900"
},
{
"db": "PACKETSTORM",
"id": "83586"
},
{
"db": "PACKETSTORM",
"id": "94512"
},
{
"db": "PACKETSTORM",
"id": "105299"
},
{
"db": "PACKETSTORM",
"id": "121022"
},
{
"db": "PACKETSTORM",
"id": "90046"
},
{
"db": "PACKETSTORM",
"id": "84917"
},
{
"db": "PACKETSTORM",
"id": "121645"
},
{
"db": "PACKETSTORM",
"id": "99964"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-113"
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002446"
},
{
"db": "NVD",
"id": "CVE-2009-3563"
}
]
},
"sources": {
"_id": null,
"data": [
{
"db": "CERT/CC",
"id": "VU#568372",
"ident": null
},
{
"db": "CERT/CC",
"id": "VU#417980",
"ident": null
},
{
"db": "VULMON",
"id": "CVE-2009-3563",
"ident": null
},
{
"db": "BID",
"id": "37255",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "83621",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "86900",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "83586",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "94512",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "105299",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121022",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "90046",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "84917",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "121645",
"ident": null
},
{
"db": "PACKETSTORM",
"id": "99964",
"ident": null
},
{
"db": "CNNVD",
"id": "CNNVD-200912-113",
"ident": null
},
{
"db": "JVNDB",
"id": "JVNDB-2009-002446",
"ident": null
},
{
"db": "NVD",
"id": "CVE-2009-3563",
"ident": null
}
]
},
"sources_release_date": {
"_id": null,
"data": [
{
"date": "2009-12-08T00:00:00",
"db": "CERT/CC",
"id": "VU#568372",
"ident": null
},
{
"date": "2024-03-19T00:00:00",
"db": "CERT/CC",
"id": "VU#417980",
"ident": null
},
{
"date": "2009-12-09T00:00:00",
"db": "VULMON",
"id": "CVE-2009-3563",
"ident": null
},
{
"date": "2009-12-08T00:00:00",
"db": "BID",
"id": "37255",
"ident": null
},
{
"date": "2009-12-10T15:41:54",
"db": "PACKETSTORM",
"id": "83621",
"ident": null
},
{
"date": "2010-03-05T03:32:24",
"db": "PACKETSTORM",
"id": "86900",
"ident": null
},
{
"date": "2009-12-09T00:03:34",
"db": "PACKETSTORM",
"id": "83586",
"ident": null
},
{
"date": "2010-10-05T21:10:50",
"db": "PACKETSTORM",
"id": "94512",
"ident": null
},
{
"date": "2011-09-23T12:12:00",
"db": "PACKETSTORM",
"id": "105299",
"ident": null
},
{
"date": "2013-03-30T12:12:00",
"db": "PACKETSTORM",
"id": "121022",
"ident": null
},
{
"date": "2010-05-28T20:14:56",
"db": "PACKETSTORM",
"id": "90046",
"ident": null
},
{
"date": "2010-01-07T19:01:14",
"db": "PACKETSTORM",
"id": "84917",
"ident": null
},
{
"date": "2013-05-15T16:22:00",
"db": "PACKETSTORM",
"id": "121645",
"ident": null
},
{
"date": "2011-04-01T21:06:48",
"db": "PACKETSTORM",
"id": "99964",
"ident": null
},
{
"date": "2009-12-09T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200912-113",
"ident": null
},
{
"date": "2010-01-25T00:00:00",
"db": "JVNDB",
"id": "JVNDB-2009-002446",
"ident": null
},
{
"date": "2009-12-09T18:30:00.390000",
"db": "NVD",
"id": "CVE-2009-3563",
"ident": null
}
]
},
"sources_update_date": {
"_id": null,
"data": [
{
"date": "2011-07-22T00:00:00",
"db": "CERT/CC",
"id": "VU#568372",
"ident": null
},
{
"date": "2024-03-20T00:00:00",
"db": "CERT/CC",
"id": "VU#417980",
"ident": null
},
{
"date": "2017-09-19T00:00:00",
"db": "VULMON",
"id": "CVE-2009-3563",
"ident": null
},
{
"date": "2015-05-12T19:46:00",
"db": "BID",
"id": "37255",
"ident": null
},
{
"date": "2009-12-10T00:00:00",
"db": "CNNVD",
"id": "CNNVD-200912-113",
"ident": null
},
{
"date": "2024-03-22T04:19:00",
"db": "JVNDB",
"id": "JVNDB-2009-002446",
"ident": null
},
{
"date": "2025-04-09T00:30:58.490000",
"db": "NVD",
"id": "CVE-2009-3563",
"ident": null
}
]
},
"threat_type": {
"_id": null,
"data": "remote",
"sources": [
{
"db": "PACKETSTORM",
"id": "83621"
},
{
"db": "CNNVD",
"id": "CNNVD-200912-113"
}
],
"trust": 0.7
},
"title": {
"_id": null,
"data": "NTP mode 7 denial-of-service vulnerability",
"sources": [
{
"db": "CERT/CC",
"id": "VU#568372"
}
],
"trust": 0.8
},
"type": {
"_id": null,
"data": "design error",
"sources": [
{
"db": "CNNVD",
"id": "CNNVD-200912-113"
}
],
"trust": 0.6
}
}
FKIE_CVE-2009-3563
Vulnerability from fkie_nvd - Published: 2009-12-09 18:30 - Updated: 2025-04-09 00:30
Severity ?
Summary
ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
References
| URL | Tags | ||
|---|---|---|---|
| cve@mitre.org | ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc | ||
| cve@mitre.org | http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc | ||
| cve@mitre.org | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074 | ||
| cve@mitre.org | http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673 | ||
| cve@mitre.org | http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691 | ||
| cve@mitre.org | http://lists.vmware.com/pipermail/security-announce/2010/000082.html | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=130168580504508&w=2 | ||
| cve@mitre.org | http://marc.info/?l=bugtraq&m=136482797910018&w=2 | ||
| cve@mitre.org | http://secunia.com/advisories/37629 | ||
| cve@mitre.org | http://secunia.com/advisories/37922 | ||
| cve@mitre.org | http://secunia.com/advisories/38764 | ||
| cve@mitre.org | http://secunia.com/advisories/38794 | ||
| cve@mitre.org | http://secunia.com/advisories/38832 | ||
| cve@mitre.org | http://secunia.com/advisories/38834 | ||
| cve@mitre.org | http://secunia.com/advisories/39593 | ||
| cve@mitre.org | http://security-tracker.debian.org/tracker/CVE-2009-3563 | ||
| cve@mitre.org | http://securitytracker.com/id?1023298 | ||
| cve@mitre.org | http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1 | ||
| cve@mitre.org | http://support.avaya.com/css/P8/documents/100071808 | ||
| cve@mitre.org | http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode | Patch | |
| cve@mitre.org | http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659 | ||
| cve@mitre.org | http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047 | ||
| cve@mitre.org | http://www.debian.org/security/2009/dsa-1948 | Patch | |
| cve@mitre.org | http://www.kb.cert.org/vuls/id/568372 | Patch, US Government Resource | |
| cve@mitre.org | http://www.kb.cert.org/vuls/id/MAPG-7X7V6J | ||
| cve@mitre.org | http://www.kb.cert.org/vuls/id/MAPG-7X7VD7 | ||
| cve@mitre.org | http://www.securityfocus.com/bid/37255 | Patch | |
| cve@mitre.org | http://www.vupen.com/english/advisories/2010/0510 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2010/0528 | ||
| cve@mitre.org | http://www.vupen.com/english/advisories/2010/0993 | ||
| cve@mitre.org | https://bugzilla.redhat.com/show_bug.cgi?id=531213 | ||
| cve@mitre.org | https://lists.ntp.org/pipermail/announce/2009-December/000086.html | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376 | ||
| cve@mitre.org | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076 | ||
| cve@mitre.org | https://rhn.redhat.com/errata/RHSA-2009-1648.html | ||
| cve@mitre.org | https://rhn.redhat.com/errata/RHSA-2009-1651.html | ||
| cve@mitre.org | https://rhn.redhat.com/errata/RHSA-2010-0095.html | ||
| cve@mitre.org | https://support.ntp.org/bugs/show_bug.cgi?id=1331 | ||
| cve@mitre.org | https://www.kb.cert.org/vuls/id/417980 | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html | ||
| cve@mitre.org | https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://lists.vmware.com/pipermail/security-announce/2010/000082.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=130168580504508&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://marc.info/?l=bugtraq&m=136482797910018&w=2 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/37629 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/37922 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/38764 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/38794 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/38832 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/38834 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://secunia.com/advisories/39593 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://security-tracker.debian.org/tracker/CVE-2009-3563 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://securitytracker.com/id?1023298 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.avaya.com/css/P8/documents/100071808 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.debian.org/security/2009/dsa-1948 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/568372 | Patch, US Government Resource | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/MAPG-7X7V6J | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.kb.cert.org/vuls/id/MAPG-7X7VD7 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.securityfocus.com/bid/37255 | Patch | |
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/0510 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/0528 | ||
| af854a3a-2127-422b-91ae-364da2661108 | http://www.vupen.com/english/advisories/2010/0993 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://bugzilla.redhat.com/show_bug.cgi?id=531213 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://lists.ntp.org/pipermail/announce/2009-December/000086.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2009-1648.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2009-1651.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://rhn.redhat.com/errata/RHSA-2010-0095.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://support.ntp.org/bugs/show_bug.cgi?id=1331 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.kb.cert.org/vuls/id/417980 | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html | ||
| af854a3a-2127-422b-91ae-364da2661108 | https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html |
Impacted products
| Vendor | Product | Version | |
|---|---|---|---|
| ntp | ntp | * | |
| ntp | ntp | 4.0.72 | |
| ntp | ntp | 4.0.73 | |
| ntp | ntp | 4.0.90 | |
| ntp | ntp | 4.0.91 | |
| ntp | ntp | 4.0.92 | |
| ntp | ntp | 4.0.93 | |
| ntp | ntp | 4.0.94 | |
| ntp | ntp | 4.0.95 | |
| ntp | ntp | 4.0.96 | |
| ntp | ntp | 4.0.97 | |
| ntp | ntp | 4.0.98 | |
| ntp | ntp | 4.0.99 | |
| ntp | ntp | 4.1.0 | |
| ntp | ntp | 4.1.2 | |
| ntp | ntp | 4.2.0 | |
| ntp | ntp | 4.2.2 | |
| ntp | ntp | 4.2.2p1 | |
| ntp | ntp | 4.2.2p2 | |
| ntp | ntp | 4.2.2p3 | |
| ntp | ntp | 4.2.5 |
{
"configurations": [
{
"nodes": [
{
"cpeMatch": [
{
"criteria": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*",
"matchCriteriaId": "73B1FD64-D156-45BC-9713-77E163DF731C",
"versionEndIncluding": "4.2.2p4",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.0.72:*:*:*:*:*:*:*",
"matchCriteriaId": "25AB2D70-2807-4970-ACD3-9B4751A1F9D6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.0.73:*:*:*:*:*:*:*",
"matchCriteriaId": "06C78C19-5A09-4883-8144-AE861A244FEA",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.0.90:*:*:*:*:*:*:*",
"matchCriteriaId": "437C8BA8-F437-4166-838D-EDC64E7A67DC",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.0.91:*:*:*:*:*:*:*",
"matchCriteriaId": "104AEC97-3C2A-48D2-BA63-08502F88F8D2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.0.92:*:*:*:*:*:*:*",
"matchCriteriaId": "87D67E30-E303-4F79-9929-4A5B587FCDB7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.0.93:*:*:*:*:*:*:*",
"matchCriteriaId": "B9BD95B5-322C-4CDC-A2DB-A06D4DA3B104",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.0.94:*:*:*:*:*:*:*",
"matchCriteriaId": "0BD63969-D18D-41AF-9814-DA1A207BDE80",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.0.95:*:*:*:*:*:*:*",
"matchCriteriaId": "7EAD8958-173A-4FCC-9420-A148BA5F73E2",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.0.96:*:*:*:*:*:*:*",
"matchCriteriaId": "B271F6AD-D829-4671-8FA7-7D921364B426",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.0.97:*:*:*:*:*:*:*",
"matchCriteriaId": "C25E03A8-46B5-4AC7-8506-4C255D7CC400",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.0.98:*:*:*:*:*:*:*",
"matchCriteriaId": "2C76CD53-CC9F-491A-952F-9A82D6E20058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.0.99:*:*:*:*:*:*:*",
"matchCriteriaId": "E749D64E-5C47-4A34-9F3C-1D34F8348058",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.1.0:*:*:*:*:*:*:*",
"matchCriteriaId": "EE0C9CBB-D52F-4F7C-B343-E685A3996BC6",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.1.2:*:*:*:*:*:*:*",
"matchCriteriaId": "CB90A3FB-B107-46CF-A846-48EE0EDF637A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.0:*:*:*:*:*:*:*",
"matchCriteriaId": "088BFFA4-1AAB-4699-9793-F731A81B296A",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.2:*:*:*:*:*:*:*",
"matchCriteriaId": "B3475779-383A-4128-9145-474EC08030FE",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.2p1:*:*:*:*:*:*:*",
"matchCriteriaId": "782BAA3D-A639-4B25-83F0-741074C88D7F",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.2p2:*:*:*:*:*:*:*",
"matchCriteriaId": "EF367FA4-2C7F-4040-89DE-8A97A069A802",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.2p3:*:*:*:*:*:*:*",
"matchCriteriaId": "01D11498-3FC4-4890-9B10-BBA74A01C9E7",
"vulnerable": true
},
{
"criteria": "cpe:2.3:a:ntp:ntp:4.2.5:*:*:*:*:*:*:*",
"matchCriteriaId": "35C2B888-66D6-45D3-97E3-C711B1C6971A",
"vulnerable": true
}
],
"negate": false,
"operator": "OR"
}
]
}
],
"cveTags": [],
"descriptions": [
{
"lang": "en",
"value": "ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons."
},
{
"lang": "es",
"value": "ntp_request.c en ntpd en NTP anterior v4.2.4p8, y v4.2.5, permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de CPU y ancho de banda) por uso de MODE_PRIVATE para enviar una suplantaci\u00f3n de (1) petici\u00f3n o (2) paquete respueta lo que lanza continuo intercambio de errores de respuesta MODE_PRIVATE entre dos demonios NTP."
}
],
"id": "CVE-2009-3563",
"lastModified": "2025-04-09T00:30:58.490",
"metrics": {
"cvssMetricV2": [
{
"acInsufInfo": false,
"baseSeverity": "MEDIUM",
"cvssData": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"source": "nvd@nist.gov",
"type": "Primary",
"userInteractionRequired": false
}
]
},
"published": "2009-12-09T18:30:00.390",
"references": [
{
"source": "cve@mitre.org",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc"
},
{
"source": "cve@mitre.org",
"url": "http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc"
},
{
"source": "cve@mitre.org",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074"
},
{
"source": "cve@mitre.org",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
},
{
"source": "cve@mitre.org",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
},
{
"source": "cve@mitre.org",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/37629"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/37922"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/38764"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/38794"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/38832"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/38834"
},
{
"source": "cve@mitre.org",
"url": "http://secunia.com/advisories/39593"
},
{
"source": "cve@mitre.org",
"url": "http://security-tracker.debian.org/tracker/CVE-2009-3563"
},
{
"source": "cve@mitre.org",
"url": "http://securitytracker.com/id?1023298"
},
{
"source": "cve@mitre.org",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1"
},
{
"source": "cve@mitre.org",
"url": "http://support.avaya.com/css/P8/documents/100071808"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659"
},
{
"source": "cve@mitre.org",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1948"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/568372"
},
{
"source": "cve@mitre.org",
"url": "http://www.kb.cert.org/vuls/id/MAPG-7X7V6J"
},
{
"source": "cve@mitre.org",
"url": "http://www.kb.cert.org/vuls/id/MAPG-7X7VD7"
},
{
"source": "cve@mitre.org",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/37255"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2010/0510"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2010/0528"
},
{
"source": "cve@mitre.org",
"url": "http://www.vupen.com/english/advisories/2010/0993"
},
{
"source": "cve@mitre.org",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=531213"
},
{
"source": "cve@mitre.org",
"url": "https://lists.ntp.org/pipermail/announce/2009-December/000086.html"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376"
},
{
"source": "cve@mitre.org",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076"
},
{
"source": "cve@mitre.org",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1648.html"
},
{
"source": "cve@mitre.org",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1651.html"
},
{
"source": "cve@mitre.org",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
},
{
"source": "cve@mitre.org",
"url": "https://support.ntp.org/bugs/show_bug.cgi?id=1331"
},
{
"source": "cve@mitre.org",
"url": "https://www.kb.cert.org/vuls/id/417980"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html"
},
{
"source": "cve@mitre.org",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/37629"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/37922"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/38764"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/38794"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/38832"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/38834"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://secunia.com/advisories/39593"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://security-tracker.debian.org/tracker/CVE-2009-3563"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://securitytracker.com/id?1023298"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://support.avaya.com/css/P8/documents/100071808"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1948"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/568372"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kb.cert.org/vuls/id/MAPG-7X7V6J"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.kb.cert.org/vuls/id/MAPG-7X7VD7"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/37255"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/0510"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/0528"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "http://www.vupen.com/english/advisories/2010/0993"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=531213"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://lists.ntp.org/pipermail/announce/2009-December/000086.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1648.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1651.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://support.ntp.org/bugs/show_bug.cgi?id=1331"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.kb.cert.org/vuls/id/417980"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html"
},
{
"source": "af854a3a-2127-422b-91ae-364da2661108",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html"
}
],
"sourceIdentifier": "cve@mitre.org",
"vulnStatus": "Deferred",
"weaknesses": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
],
"source": "nvd@nist.gov",
"type": "Primary"
}
]
}
WID-SEC-W-2023-1747
Vulnerability from csaf_certbund - Published: 2023-07-13 22:00 - Updated: 2023-07-13 22:00Summary
Moxa Switch: Schwachstelle ermöglicht Denial of Service
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Ein Switch ist ein aktives Netzwerkgerät, das Datenpakete auf dem Data Link Layer (Layer 2) des OSI-Modells weiterleitet.
Angriff: Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Moxa Switch ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme: - Sonstiges
Es existiert eine Schwachstelle in mehreren Moxa Switches. Der Fehler besteht aufgrund einer unkontrollierten Rekursion, die zu einem übermäßigen CPU- und Protokollverbrauch führt. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.
References
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Ein Switch ist ein aktives Netzwerkger\u00e4t, das Datenpakete auf dem Data Link Layer (Layer 2) des OSI-Modells weiterleitet.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann eine Schwachstelle in Moxa Switch ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2023-1747 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2023/wid-sec-w-2023-1747.json"
},
{
"category": "self",
"summary": "WID-SEC-2023-1747 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2023-1747"
},
{
"category": "external",
"summary": "Moxa Security Advisories - MPSA-230307 vom 2023-07-13",
"url": "https://www.moxa.com/en/support/product-support/security-advisory/mpsa-230307-multiple-switch-series-affected-by-ntp-denial-of-service-vulnerability"
}
],
"source_lang": "en-US",
"title": "Moxa Switch: Schwachstelle erm\u00f6glicht Denial of Service",
"tracking": {
"current_release_date": "2023-07-13T22:00:00.000+00:00",
"generator": {
"date": "2024-08-15T17:55:34.434+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2023-1747",
"initial_release_date": "2023-07-13T22:00:00.000+00:00",
"revision_history": [
{
"date": "2023-07-13T22:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Moxa Switch PT-G7828 Series \u003c= 6.2",
"product": {
"name": "Moxa Switch PT-G7828 Series \u003c= 6.2",
"product_id": "T028613",
"product_identification_helper": {
"cpe": "cpe:/h:moxa:switch:6.2::pt-g7828_series"
}
}
},
{
"category": "product_name",
"name": "Moxa Switch PT-7828 Series \u003c= 3.9",
"product": {
"name": "Moxa Switch PT-7828 Series \u003c= 3.9",
"product_id": "T028618",
"product_identification_helper": {
"cpe": "cpe:/h:moxa:switch:3.9::pt-7828_series"
}
}
},
{
"category": "product_name",
"name": "Moxa Switch MDS-G4012 \u003c= 1.2",
"product": {
"name": "Moxa Switch MDS-G4012 \u003c= 1.2",
"product_id": "T028620",
"product_identification_helper": {
"cpe": "cpe:/h:moxa:switch:1.2::mds-g4012_series"
}
}
},
{
"category": "product_name",
"name": "Moxa Switch PT-7728 Series \u003c= 3.8",
"product": {
"name": "Moxa Switch PT-7728 Series \u003c= 3.8",
"product_id": "T028622",
"product_identification_helper": {
"cpe": "cpe:/h:moxa:switch:3.8::pt-7728_series"
}
}
},
{
"category": "product_name",
"name": "Moxa Switch PT-508 Series \u003c= 3.8",
"product": {
"name": "Moxa Switch PT-508 Series \u003c= 3.8",
"product_id": "T028626",
"product_identification_helper": {
"cpe": "cpe:/h:moxa:switch:pt-508_series__3.8"
}
}
}
],
"category": "product_name",
"name": "Switch"
}
],
"category": "vendor",
"name": "Moxa"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-3563",
"notes": [
{
"category": "description",
"text": "Es existiert eine Schwachstelle in mehreren Moxa Switches. Der Fehler besteht aufgrund einer unkontrollierten Rekursion, die zu einem \u00fcberm\u00e4\u00dfigen CPU- und Protokollverbrauch f\u00fchrt. Ein entfernter, nicht authentifizierter Angreifer kann diese Schwachstelle ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
}
],
"product_status": {
"known_affected": [
"T028618",
"T028626",
"T028613",
"T028622",
"T028620"
]
},
"release_date": "2023-07-13T22:00:00.000+00:00",
"title": "CVE-2009-3563"
}
]
}
WID-SEC-W-2024-0672
Vulnerability from csaf_certbund - Published: 2024-03-19 23:00 - Updated: 2024-03-19 23:00Summary
UDP-basierte Protokollimplementierungen: Mehrere Schwachstellen ermöglichen Denial of Service
Severity
Mittel
Notes
Das BSI ist als Anbieter für die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch dafür verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgfältig im Einzelfall zu prüfen.
Produktbeschreibung: Das User Datagram Protocol (UDP) ist ein einfaches, verbindungsloses Protokoll, das in vielen internetbasierten Anwendungen verwendet wird.
Angriff: Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in UDP-basierten Protokollimplementierungen ausnutzen, um einen Denial of Service Angriff durchzuführen.
Betroffene Betriebssysteme: - Sonstiges
Es bestehen mehrere Schwachstellen in bestimmten Implementierungen von UDP-basierten Anwendungsprotokollen. Bestimmte Anwendungen können dazu gebracht werden, eine Netzwerkschleife mit scheinbar endlosen Paketen zu erzeugen. Softwareimplementierungen UDP-basierter Anwendungsprotokolle wie z.B. DNS, NTP, TFTP, Echo (RFC862), Chargen (RFC864) und QOTD (RFC865) sind von diesem Problem betroffen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle durch das Senden maliziöser Pakete ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.
Es bestehen mehrere Schwachstellen in bestimmten Implementierungen von UDP-basierten Anwendungsprotokollen. Bestimmte Anwendungen können dazu gebracht werden, eine Netzwerkschleife mit scheinbar endlosen Paketen zu erzeugen. Softwareimplementierungen UDP-basierter Anwendungsprotokolle wie z.B. DNS, NTP, TFTP, Echo (RFC862), Chargen (RFC864) und QOTD (RFC865) sind von diesem Problem betroffen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle durch das Senden maliziöser Pakete ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.
Es bestehen mehrere Schwachstellen in bestimmten Implementierungen von UDP-basierten Anwendungsprotokollen. Bestimmte Anwendungen können dazu gebracht werden, eine Netzwerkschleife mit scheinbar endlosen Paketen zu erzeugen. Softwareimplementierungen UDP-basierter Anwendungsprotokolle wie z.B. DNS, NTP, TFTP, Echo (RFC862), Chargen (RFC864) und QOTD (RFC865) sind von diesem Problem betroffen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle durch das Senden maliziöser Pakete ausnutzen, um einen Denial-of-Service-Zustand zu verursachen.
References
| URL | Category | |
|---|---|---|
{
"document": {
"aggregate_severity": {
"text": "mittel"
},
"category": "csaf_base",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "de-DE",
"notes": [
{
"category": "legal_disclaimer",
"text": "Das BSI ist als Anbieter f\u00fcr die eigenen, zur Nutzung bereitgestellten Inhalte nach den allgemeinen Gesetzen verantwortlich. Nutzerinnen und Nutzer sind jedoch daf\u00fcr verantwortlich, die Verwendung und/oder die Umsetzung der mit den Inhalten bereitgestellten Informationen sorgf\u00e4ltig im Einzelfall zu pr\u00fcfen."
},
{
"category": "description",
"text": "Das User Datagram Protocol (UDP) ist ein einfaches, verbindungsloses Protokoll, das in vielen internetbasierten Anwendungen verwendet wird.",
"title": "Produktbeschreibung"
},
{
"category": "summary",
"text": "Ein entfernter, anonymer Angreifer kann mehrere Schwachstellen in UDP-basierten Protokollimplementierungen ausnutzen, um einen Denial of Service Angriff durchzuf\u00fchren.",
"title": "Angriff"
},
{
"category": "general",
"text": "- Sonstiges",
"title": "Betroffene Betriebssysteme"
}
],
"publisher": {
"category": "other",
"contact_details": "csaf-provider@cert-bund.de",
"name": "Bundesamt f\u00fcr Sicherheit in der Informationstechnik",
"namespace": "https://www.bsi.bund.de"
},
"references": [
{
"category": "self",
"summary": "WID-SEC-W-2024-0672 - CSAF Version",
"url": "https://wid.cert-bund.de/.well-known/csaf/white/2024/wid-sec-w-2024-0672.json"
},
{
"category": "self",
"summary": "WID-SEC-2024-0672 - Portal Version",
"url": "https://wid.cert-bund.de/portal/wid/securityadvisory?name=WID-SEC-2024-0672"
},
{
"category": "external",
"summary": "CERT Coordination Center vom 2024-03-19",
"url": "https://kb.cert.org/vuls/id/417980"
}
],
"source_lang": "en-US",
"title": "UDP-basierte Protokollimplementierungen: Mehrere Schwachstellen erm\u00f6glichen Denial of Service",
"tracking": {
"current_release_date": "2024-03-19T23:00:00.000+00:00",
"generator": {
"date": "2024-08-15T18:06:40.006+00:00",
"engine": {
"name": "BSI-WID",
"version": "1.3.5"
}
},
"id": "WID-SEC-W-2024-0672",
"initial_release_date": "2024-03-19T23:00:00.000+00:00",
"revision_history": [
{
"date": "2024-03-19T23:00:00.000+00:00",
"number": "1",
"summary": "Initiale Fassung"
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Open Source ntp",
"product": {
"name": "Open Source ntp",
"product_id": "T033573",
"product_identification_helper": {
"cpe": "cpe:/a:ntp:ntp:-"
}
}
}
],
"category": "vendor",
"name": "Open Source"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2024-2169",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in bestimmten Implementierungen von UDP-basierten Anwendungsprotokollen. Bestimmte Anwendungen k\u00f6nnen dazu gebracht werden, eine Netzwerkschleife mit scheinbar endlosen Paketen zu erzeugen. Softwareimplementierungen UDP-basierter Anwendungsprotokolle wie z.B. DNS, NTP, TFTP, Echo (RFC862), Chargen (RFC864) und QOTD (RFC865) sind von diesem Problem betroffen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle durch das Senden malizi\u00f6ser Pakete ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
}
],
"product_status": {
"known_affected": [
"T033573"
]
},
"release_date": "2024-03-19T23:00:00.000+00:00",
"title": "CVE-2024-2169"
},
{
"cve": "CVE-2024-1309",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in bestimmten Implementierungen von UDP-basierten Anwendungsprotokollen. Bestimmte Anwendungen k\u00f6nnen dazu gebracht werden, eine Netzwerkschleife mit scheinbar endlosen Paketen zu erzeugen. Softwareimplementierungen UDP-basierter Anwendungsprotokolle wie z.B. DNS, NTP, TFTP, Echo (RFC862), Chargen (RFC864) und QOTD (RFC865) sind von diesem Problem betroffen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle durch das Senden malizi\u00f6ser Pakete ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
}
],
"product_status": {
"known_affected": [
"T033573"
]
},
"release_date": "2024-03-19T23:00:00.000+00:00",
"title": "CVE-2024-1309"
},
{
"cve": "CVE-2009-3563",
"notes": [
{
"category": "description",
"text": "Es bestehen mehrere Schwachstellen in bestimmten Implementierungen von UDP-basierten Anwendungsprotokollen. Bestimmte Anwendungen k\u00f6nnen dazu gebracht werden, eine Netzwerkschleife mit scheinbar endlosen Paketen zu erzeugen. Softwareimplementierungen UDP-basierter Anwendungsprotokolle wie z.B. DNS, NTP, TFTP, Echo (RFC862), Chargen (RFC864) und QOTD (RFC865) sind von diesem Problem betroffen. Ein entfernter, anonymer Angreifer kann diese Schwachstelle durch das Senden malizi\u00f6ser Pakete ausnutzen, um einen Denial-of-Service-Zustand zu verursachen."
}
],
"product_status": {
"known_affected": [
"T033573"
]
},
"release_date": "2024-03-19T23:00:00.000+00:00",
"title": "CVE-2009-3563"
}
]
}
GHSA-GM22-X89C-4H54
Vulnerability from github – Published: 2022-05-03 03:20 – Updated: 2022-05-03 03:20
VLAI?
Details
ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
{
"affected": [],
"aliases": [
"CVE-2009-3563"
],
"database_specific": {
"cwe_ids": [],
"github_reviewed": false,
"github_reviewed_at": null,
"nvd_published_at": "2009-12-09T18:30:00Z",
"severity": "MODERATE"
},
"details": "ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.",
"id": "GHSA-gm22-x89c-4h54",
"modified": "2022-05-03T03:20:29Z",
"published": "2022-05-03T03:20:29Z",
"references": [
{
"type": "ADVISORY",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3563"
},
{
"type": "WEB",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=531213"
},
{
"type": "WEB",
"url": "https://lists.ntp.org/pipermail/announce/2009-December/000086.html"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376"
},
{
"type": "WEB",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076"
},
{
"type": "WEB",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1648.html"
},
{
"type": "WEB",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1651.html"
},
{
"type": "WEB",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
},
{
"type": "WEB",
"url": "https://support.ntp.org/bugs/show_bug.cgi?id=1331"
},
{
"type": "WEB",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html"
},
{
"type": "WEB",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html"
},
{
"type": "WEB",
"url": "http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc"
},
{
"type": "WEB",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074"
},
{
"type": "WEB",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
},
{
"type": "WEB",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
},
{
"type": "WEB",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
},
{
"type": "WEB",
"url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/37629"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/37922"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/38764"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/38794"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/38832"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/38834"
},
{
"type": "WEB",
"url": "http://secunia.com/advisories/39593"
},
{
"type": "WEB",
"url": "http://security-tracker.debian.org/tracker/CVE-2009-3563"
},
{
"type": "WEB",
"url": "http://securitytracker.com/id?1023298"
},
{
"type": "WEB",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1"
},
{
"type": "WEB",
"url": "http://support.avaya.com/css/P8/documents/100071808"
},
{
"type": "WEB",
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode"
},
{
"type": "WEB",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659"
},
{
"type": "WEB",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047"
},
{
"type": "WEB",
"url": "http://www.debian.org/security/2009/dsa-1948"
},
{
"type": "WEB",
"url": "http://www.kb.cert.org/vuls/id/568372"
},
{
"type": "WEB",
"url": "http://www.kb.cert.org/vuls/id/MAPG-7X7V6J"
},
{
"type": "WEB",
"url": "http://www.kb.cert.org/vuls/id/MAPG-7X7VD7"
},
{
"type": "WEB",
"url": "http://www.securityfocus.com/bid/37255"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2010/0510"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2010/0528"
},
{
"type": "WEB",
"url": "http://www.vupen.com/english/advisories/2010/0993"
}
],
"schema_version": "1.4.0",
"severity": []
}
RHSA-2009:1648
Vulnerability from csaf_redhat - Published: 2009-12-08 19:29 - Updated: 2025-11-21 17:35Summary
Red Hat Security Advisory: ntp security update
Severity
Moderate
Notes
Topic: An updated ntp package that fixes a security issue is now available for Red
Hat Enterprise Linux 4 and 5.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details: The Network Time Protocol (NTP) is used to synchronize a computer's time
with a referenced time source.
Robin Park and Dmitri Vinokurov discovered a flaw in the way ntpd handled
certain malformed NTP packets. ntpd logged information about all such
packets and replied with an NTP packet that was treated as malformed when
received by another ntpd. A remote attacker could use this flaw to create
an NTP packet reply loop between two ntpd servers via a malformed packet
with a spoofed source IP address and port, causing ntpd on those servers to
use excessive amounts of CPU time and fill disk space with log messages.
(CVE-2009-3563)
All ntp users are advised to upgrade to this updated package, which
contains a backported patch to resolve this issue. After installing the
update, the ntpd daemon will restart automatically.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
5.0 ()
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
https://access.redhat.com/errata/RHSA-2009:1648
References
| URL | Category | |||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated ntp package that fixes a security issue is now available for Red\nHat Enterprise Linux 4 and 5.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The Network Time Protocol (NTP) is used to synchronize a computer\u0027s time\nwith a referenced time source.\n\nRobin Park and Dmitri Vinokurov discovered a flaw in the way ntpd handled\ncertain malformed NTP packets. ntpd logged information about all such\npackets and replied with an NTP packet that was treated as malformed when\nreceived by another ntpd. A remote attacker could use this flaw to create\nan NTP packet reply loop between two ntpd servers via a malformed packet\nwith a spoofed source IP address and port, causing ntpd on those servers to\nuse excessive amounts of CPU time and fill disk space with log messages.\n(CVE-2009-3563)\n\nAll ntp users are advised to upgrade to this updated package, which\ncontains a backported patch to resolve this issue. After installing the\nupdate, the ntpd daemon will restart automatically.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:1648",
"url": "https://access.redhat.com/errata/RHSA-2009:1648"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "531213",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=531213"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1648.json"
}
],
"title": "Red Hat Security Advisory: ntp security update",
"tracking": {
"current_release_date": "2025-11-21T17:35:39+00:00",
"generator": {
"date": "2025-11-21T17:35:39+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2009:1648",
"initial_release_date": "2009-12-08T19:29:00+00:00",
"revision_history": [
{
"date": "2009-12-08T19:29:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-12-08T14:33:41+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:35:39+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 4",
"product": {
"name": "Red Hat Enterprise Linux AS version 4",
"product_id": "4AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop version 4",
"product": {
"name": "Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 4",
"product": {
"name": "Red Hat Enterprise Linux ES version 4",
"product_id": "4ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 4",
"product": {
"name": "Red Hat Enterprise Linux WS version 4",
"product_id": "4WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:4::ws"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product": {
"name": "Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::client"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product": {
"name": "Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:5::server"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"product": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"product_id": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.2.0.a.20040617-8.el4_8.1?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"product": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"product_id": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp-debuginfo@4.2.0.a.20040617-8.el4_8.1?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "ntp-0:4.2.2p1-9.el5_4.1.ia64",
"product": {
"name": "ntp-0:4.2.2p1-9.el5_4.1.ia64",
"product_id": "ntp-0:4.2.2p1-9.el5_4.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.2.2p1-9.el5_4.1?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ia64",
"product": {
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ia64",
"product_id": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp-debuginfo@4.2.2p1-9.el5_4.1?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"product": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"product_id": "ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.2.0.a.20040617-8.el4_8.1?arch=src"
}
}
},
{
"category": "product_version",
"name": "ntp-0:4.2.2p1-9.el5_4.1.src",
"product": {
"name": "ntp-0:4.2.2p1-9.el5_4.1.src",
"product_id": "ntp-0:4.2.2p1-9.el5_4.1.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.2.2p1-9.el5_4.1?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"product": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"product_id": "ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.2.0.a.20040617-8.el4_8.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"product": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"product_id": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp-debuginfo@4.2.0.a.20040617-8.el4_8.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ntp-0:4.2.2p1-9.el5_4.1.x86_64",
"product": {
"name": "ntp-0:4.2.2p1-9.el5_4.1.x86_64",
"product_id": "ntp-0:4.2.2p1-9.el5_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.2.2p1-9.el5_4.1?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.x86_64",
"product": {
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.x86_64",
"product_id": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp-debuginfo@4.2.2p1-9.el5_4.1?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"product": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"product_id": "ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.2.0.a.20040617-8.el4_8.1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"product": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"product_id": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp-debuginfo@4.2.0.a.20040617-8.el4_8.1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "ntp-0:4.2.2p1-9.el5_4.1.i386",
"product": {
"name": "ntp-0:4.2.2p1-9.el5_4.1.i386",
"product_id": "ntp-0:4.2.2p1-9.el5_4.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.2.2p1-9.el5_4.1?arch=i386"
}
}
},
{
"category": "product_version",
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.i386",
"product": {
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.i386",
"product_id": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp-debuginfo@4.2.2p1-9.el5_4.1?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"product": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"product_id": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.2.0.a.20040617-8.el4_8.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"product": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"product_id": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp-debuginfo@4.2.0.a.20040617-8.el4_8.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "ntp-0:4.2.2p1-9.el5_4.1.ppc",
"product": {
"name": "ntp-0:4.2.2p1-9.el5_4.1.ppc",
"product_id": "ntp-0:4.2.2p1-9.el5_4.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.2.2p1-9.el5_4.1?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ppc",
"product": {
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ppc",
"product_id": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp-debuginfo@4.2.2p1-9.el5_4.1?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"product": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"product_id": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.2.0.a.20040617-8.el4_8.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"product": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"product_id": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp-debuginfo@4.2.0.a.20040617-8.el4_8.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ntp-0:4.2.2p1-9.el5_4.1.s390x",
"product": {
"name": "ntp-0:4.2.2p1-9.el5_4.1.s390x",
"product_id": "ntp-0:4.2.2p1-9.el5_4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.2.2p1-9.el5_4.1?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.s390x",
"product": {
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.s390x",
"product_id": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp-debuginfo@4.2.2p1-9.el5_4.1?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"product": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"product_id": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.2.0.a.20040617-8.el4_8.1?arch=s390"
}
}
},
{
"category": "product_version",
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"product": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"product_id": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp-debuginfo@4.2.0.a.20040617-8.el4_8.1?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.i386"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.src as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.src"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64 as a component of Red Hat Enterprise Linux AS version 4",
"product_id": "4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"relates_to_product_reference": "4AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.i386"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.src as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.src"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64 as a component of Red Hat Enterprise Linux Desktop version 4",
"product_id": "4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"relates_to_product_reference": "4Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.i386"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.src as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.src"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64 as a component of Red Hat Enterprise Linux ES version 4",
"product_id": "4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"relates_to_product_reference": "4ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.i386"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.src as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.src"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64"
},
"product_reference": "ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64 as a component of Red Hat Enterprise Linux WS version 4",
"product_id": "4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64"
},
"product_reference": "ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"relates_to_product_reference": "4WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.2p1-9.el5_4.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:ntp-0:4.2.2p1-9.el5_4.1.i386"
},
"product_reference": "ntp-0:4.2.2p1-9.el5_4.1.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.2p1-9.el5_4.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:ntp-0:4.2.2p1-9.el5_4.1.ia64"
},
"product_reference": "ntp-0:4.2.2p1-9.el5_4.1.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.2p1-9.el5_4.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:ntp-0:4.2.2p1-9.el5_4.1.ppc"
},
"product_reference": "ntp-0:4.2.2p1-9.el5_4.1.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.2p1-9.el5_4.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:ntp-0:4.2.2p1-9.el5_4.1.s390x"
},
"product_reference": "ntp-0:4.2.2p1-9.el5_4.1.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.2p1-9.el5_4.1.src as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:ntp-0:4.2.2p1-9.el5_4.1.src"
},
"product_reference": "ntp-0:4.2.2p1-9.el5_4.1.src",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.2p1-9.el5_4.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:ntp-0:4.2.2p1-9.el5_4.1.x86_64"
},
"product_reference": "ntp-0:4.2.2p1-9.el5_4.1.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.i386 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.i386"
},
"product_reference": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.i386",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ia64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ia64"
},
"product_reference": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ia64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ppc as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ppc"
},
"product_reference": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ppc",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.s390x as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.s390x"
},
"product_reference": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.s390x",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.x86_64 as a component of Red Hat Enterprise Linux Desktop (v. 5 client)",
"product_id": "5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.x86_64"
},
"product_reference": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.x86_64",
"relates_to_product_reference": "5Client"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.2p1-9.el5_4.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:ntp-0:4.2.2p1-9.el5_4.1.i386"
},
"product_reference": "ntp-0:4.2.2p1-9.el5_4.1.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.2p1-9.el5_4.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:ntp-0:4.2.2p1-9.el5_4.1.ia64"
},
"product_reference": "ntp-0:4.2.2p1-9.el5_4.1.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.2p1-9.el5_4.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:ntp-0:4.2.2p1-9.el5_4.1.ppc"
},
"product_reference": "ntp-0:4.2.2p1-9.el5_4.1.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.2p1-9.el5_4.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:ntp-0:4.2.2p1-9.el5_4.1.s390x"
},
"product_reference": "ntp-0:4.2.2p1-9.el5_4.1.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.2p1-9.el5_4.1.src as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:ntp-0:4.2.2p1-9.el5_4.1.src"
},
"product_reference": "ntp-0:4.2.2p1-9.el5_4.1.src",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.2.2p1-9.el5_4.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:ntp-0:4.2.2p1-9.el5_4.1.x86_64"
},
"product_reference": "ntp-0:4.2.2p1-9.el5_4.1.x86_64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.i386 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.i386"
},
"product_reference": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.i386",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ia64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ia64"
},
"product_reference": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ia64",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ppc as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ppc"
},
"product_reference": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ppc",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.s390x as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.s390x"
},
"product_reference": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.s390x",
"relates_to_product_reference": "5Server"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.x86_64 as a component of Red Hat Enterprise Linux (v. 5 server)",
"product_id": "5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.x86_64"
},
"product_reference": "ntp-debuginfo-0:4.2.2p1-9.el5_4.1.x86_64",
"relates_to_product_reference": "5Server"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-3563",
"discovery_date": "2009-10-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "531213"
}
],
"notes": [
{
"category": "description",
"text": "ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ntpd: DoS with mode 7 packets (VU#568372)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"5Client:ntp-0:4.2.2p1-9.el5_4.1.i386",
"5Client:ntp-0:4.2.2p1-9.el5_4.1.ia64",
"5Client:ntp-0:4.2.2p1-9.el5_4.1.ppc",
"5Client:ntp-0:4.2.2p1-9.el5_4.1.s390x",
"5Client:ntp-0:4.2.2p1-9.el5_4.1.src",
"5Client:ntp-0:4.2.2p1-9.el5_4.1.x86_64",
"5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.i386",
"5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ia64",
"5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ppc",
"5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.s390x",
"5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.x86_64",
"5Server:ntp-0:4.2.2p1-9.el5_4.1.i386",
"5Server:ntp-0:4.2.2p1-9.el5_4.1.ia64",
"5Server:ntp-0:4.2.2p1-9.el5_4.1.ppc",
"5Server:ntp-0:4.2.2p1-9.el5_4.1.s390x",
"5Server:ntp-0:4.2.2p1-9.el5_4.1.src",
"5Server:ntp-0:4.2.2p1-9.el5_4.1.x86_64",
"5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.i386",
"5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ia64",
"5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ppc",
"5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.s390x",
"5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3563"
},
{
"category": "external",
"summary": "RHBZ#531213",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=531213"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3563",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3563"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3563",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3563"
}
],
"release_date": "2009-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-12-08T19:29:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"5Client:ntp-0:4.2.2p1-9.el5_4.1.i386",
"5Client:ntp-0:4.2.2p1-9.el5_4.1.ia64",
"5Client:ntp-0:4.2.2p1-9.el5_4.1.ppc",
"5Client:ntp-0:4.2.2p1-9.el5_4.1.s390x",
"5Client:ntp-0:4.2.2p1-9.el5_4.1.src",
"5Client:ntp-0:4.2.2p1-9.el5_4.1.x86_64",
"5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.i386",
"5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ia64",
"5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ppc",
"5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.s390x",
"5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.x86_64",
"5Server:ntp-0:4.2.2p1-9.el5_4.1.i386",
"5Server:ntp-0:4.2.2p1-9.el5_4.1.ia64",
"5Server:ntp-0:4.2.2p1-9.el5_4.1.ppc",
"5Server:ntp-0:4.2.2p1-9.el5_4.1.s390x",
"5Server:ntp-0:4.2.2p1-9.el5_4.1.src",
"5Server:ntp-0:4.2.2p1-9.el5_4.1.x86_64",
"5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.i386",
"5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ia64",
"5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ppc",
"5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.s390x",
"5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1648"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"4AS:ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4AS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"4Desktop:ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4Desktop:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"4ES:ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4ES:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.src",
"4WS:ntp-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.i386",
"4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ia64",
"4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.ppc",
"4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390",
"4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.s390x",
"4WS:ntp-debuginfo-0:4.2.0.a.20040617-8.el4_8.1.x86_64",
"5Client:ntp-0:4.2.2p1-9.el5_4.1.i386",
"5Client:ntp-0:4.2.2p1-9.el5_4.1.ia64",
"5Client:ntp-0:4.2.2p1-9.el5_4.1.ppc",
"5Client:ntp-0:4.2.2p1-9.el5_4.1.s390x",
"5Client:ntp-0:4.2.2p1-9.el5_4.1.src",
"5Client:ntp-0:4.2.2p1-9.el5_4.1.x86_64",
"5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.i386",
"5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ia64",
"5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ppc",
"5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.s390x",
"5Client:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.x86_64",
"5Server:ntp-0:4.2.2p1-9.el5_4.1.i386",
"5Server:ntp-0:4.2.2p1-9.el5_4.1.ia64",
"5Server:ntp-0:4.2.2p1-9.el5_4.1.ppc",
"5Server:ntp-0:4.2.2p1-9.el5_4.1.s390x",
"5Server:ntp-0:4.2.2p1-9.el5_4.1.src",
"5Server:ntp-0:4.2.2p1-9.el5_4.1.x86_64",
"5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.i386",
"5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ia64",
"5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.ppc",
"5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.s390x",
"5Server:ntp-debuginfo-0:4.2.2p1-9.el5_4.1.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ntpd: DoS with mode 7 packets (VU#568372)"
}
]
}
RHSA-2009:1651
Vulnerability from csaf_redhat - Published: 2009-12-08 19:42 - Updated: 2025-11-21 17:35Summary
Red Hat Security Advisory: ntp security update
Severity
Moderate
Notes
Topic: An updated ntp package that fixes two security issues is now available for
Red Hat Enterprise Linux 3.
This update has been rated as having moderate security impact by the Red
Hat Security Response Team.
Details: The Network Time Protocol (NTP) is used to synchronize a computer's time
with a referenced time source.
Robin Park and Dmitri Vinokurov discovered a flaw in the way ntpd handled
certain malformed NTP packets. ntpd logged information about all such
packets and replied with an NTP packet that was treated as malformed when
received by another ntpd. A remote attacker could use this flaw to create
an NTP packet reply loop between two ntpd servers via a malformed packet
with a spoofed source IP address and port, causing ntpd on those servers to
use excessive amounts of CPU time and fill disk space with log messages.
(CVE-2009-3563)
A buffer overflow flaw was found in the ntpq diagnostic command. A
malicious, remote server could send a specially-crafted reply to an ntpq
request that could crash ntpq or, potentially, execute arbitrary code with
the privileges of the user running the ntpq command. (CVE-2009-0159)
All ntp users are advised to upgrade to this updated package, which
contains backported patches to resolve these issues. After installing the
update, the ntpd daemon will restart automatically.
Terms of Use: This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.
Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.
5.1 ()
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
https://access.redhat.com/errata/RHSA-2009:1651
ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
5.0 ()
Vendor Fix
Before applying this update, make sure that all previously-released
errata relevant to your system have been applied.
This update is available via Red Hat Network. Details on how to use
the Red Hat Network to apply this update are available at
http://kbase.redhat.com/faq/docs/DOC-11259
https://access.redhat.com/errata/RHSA-2009:1651
References
| URL | Category | ||||||||||||||||||||||||||||||||||||||||
|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|---|
|
|||||||||||||||||||||||||||||||||||||||||
{
"document": {
"aggregate_severity": {
"namespace": "https://access.redhat.com/security/updates/classification/",
"text": "Moderate"
},
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"text": "Copyright \u00a9 Red Hat, Inc. All rights reserved.",
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en",
"notes": [
{
"category": "summary",
"text": "An updated ntp package that fixes two security issues is now available for\nRed Hat Enterprise Linux 3.\n\nThis update has been rated as having moderate security impact by the Red\nHat Security Response Team.",
"title": "Topic"
},
{
"category": "general",
"text": "The Network Time Protocol (NTP) is used to synchronize a computer\u0027s time\nwith a referenced time source.\n\nRobin Park and Dmitri Vinokurov discovered a flaw in the way ntpd handled\ncertain malformed NTP packets. ntpd logged information about all such\npackets and replied with an NTP packet that was treated as malformed when\nreceived by another ntpd. A remote attacker could use this flaw to create\nan NTP packet reply loop between two ntpd servers via a malformed packet\nwith a spoofed source IP address and port, causing ntpd on those servers to\nuse excessive amounts of CPU time and fill disk space with log messages.\n(CVE-2009-3563)\n\nA buffer overflow flaw was found in the ntpq diagnostic command. A\nmalicious, remote server could send a specially-crafted reply to an ntpq\nrequest that could crash ntpq or, potentially, execute arbitrary code with\nthe privileges of the user running the ntpq command. (CVE-2009-0159)\n\nAll ntp users are advised to upgrade to this updated package, which\ncontains backported patches to resolve these issues. After installing the\nupdate, the ntpd daemon will restart automatically.",
"title": "Details"
},
{
"category": "legal_disclaimer",
"text": "This content is licensed under the Creative Commons Attribution 4.0 International License (https://creativecommons.org/licenses/by/4.0/). If you distribute this content, or a modified version of it, you must provide attribution to Red Hat Inc. and provide a link to the original.",
"title": "Terms of Use"
}
],
"publisher": {
"category": "vendor",
"contact_details": "https://access.redhat.com/security/team/contact/",
"issuing_authority": "Red Hat Product Security is responsible for vulnerability handling across all Red Hat products and services.",
"name": "Red Hat Product Security",
"namespace": "https://www.redhat.com"
},
"references": [
{
"category": "self",
"summary": "https://access.redhat.com/errata/RHSA-2009:1651",
"url": "https://access.redhat.com/errata/RHSA-2009:1651"
},
{
"category": "external",
"summary": "https://access.redhat.com/security/updates/classification/#moderate",
"url": "https://access.redhat.com/security/updates/classification/#moderate"
},
{
"category": "external",
"summary": "490617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490617"
},
{
"category": "external",
"summary": "531213",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=531213"
},
{
"category": "self",
"summary": "Canonical URL",
"url": "https://security.access.redhat.com/data/csaf/v2/advisories/2009/rhsa-2009_1651.json"
}
],
"title": "Red Hat Security Advisory: ntp security update",
"tracking": {
"current_release_date": "2025-11-21T17:35:36+00:00",
"generator": {
"date": "2025-11-21T17:35:36+00:00",
"engine": {
"name": "Red Hat SDEngine",
"version": "4.6.12"
}
},
"id": "RHSA-2009:1651",
"initial_release_date": "2009-12-08T19:42:00+00:00",
"revision_history": [
{
"date": "2009-12-08T19:42:00+00:00",
"number": "1",
"summary": "Initial version"
},
{
"date": "2009-12-08T14:50:43+00:00",
"number": "2",
"summary": "Last updated version"
},
{
"date": "2025-11-21T17:35:36+00:00",
"number": "3",
"summary": "Last generated version"
}
],
"status": "final",
"version": "3"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_name",
"name": "Red Hat Enterprise Linux AS version 3",
"product": {
"name": "Red Hat Enterprise Linux AS version 3",
"product_id": "3AS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::as"
}
}
},
{
"category": "product_name",
"name": "Red Hat Desktop version 3",
"product": {
"name": "Red Hat Desktop version 3",
"product_id": "3Desktop",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::desktop"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux ES version 3",
"product": {
"name": "Red Hat Enterprise Linux ES version 3",
"product_id": "3ES",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::es"
}
}
},
{
"category": "product_name",
"name": "Red Hat Enterprise Linux WS version 3",
"product": {
"name": "Red Hat Enterprise Linux WS version 3",
"product_id": "3WS",
"product_identification_helper": {
"cpe": "cpe:/o:redhat:enterprise_linux:3::ws"
}
}
}
],
"category": "product_family",
"name": "Red Hat Enterprise Linux"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-debuginfo-0:4.1.2-6.el3.ia64",
"product": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.ia64",
"product_id": "ntp-debuginfo-0:4.1.2-6.el3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp-debuginfo@4.1.2-6.el3?arch=ia64"
}
}
},
{
"category": "product_version",
"name": "ntp-0:4.1.2-6.el3.ia64",
"product": {
"name": "ntp-0:4.1.2-6.el3.ia64",
"product_id": "ntp-0:4.1.2-6.el3.ia64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.1.2-6.el3?arch=ia64"
}
}
}
],
"category": "architecture",
"name": "ia64"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"product": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"product_id": "ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp-debuginfo@4.1.2-6.el3?arch=x86_64"
}
}
},
{
"category": "product_version",
"name": "ntp-0:4.1.2-6.el3.x86_64",
"product": {
"name": "ntp-0:4.1.2-6.el3.x86_64",
"product_id": "ntp-0:4.1.2-6.el3.x86_64",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.1.2-6.el3?arch=x86_64"
}
}
}
],
"category": "architecture",
"name": "x86_64"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-debuginfo-0:4.1.2-6.el3.i386",
"product": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.i386",
"product_id": "ntp-debuginfo-0:4.1.2-6.el3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp-debuginfo@4.1.2-6.el3?arch=i386"
}
}
},
{
"category": "product_version",
"name": "ntp-0:4.1.2-6.el3.i386",
"product": {
"name": "ntp-0:4.1.2-6.el3.i386",
"product_id": "ntp-0:4.1.2-6.el3.i386",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.1.2-6.el3?arch=i386"
}
}
}
],
"category": "architecture",
"name": "i386"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-0:4.1.2-6.el3.src",
"product": {
"name": "ntp-0:4.1.2-6.el3.src",
"product_id": "ntp-0:4.1.2-6.el3.src",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.1.2-6.el3?arch=src"
}
}
}
],
"category": "architecture",
"name": "src"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-debuginfo-0:4.1.2-6.el3.ppc",
"product": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.ppc",
"product_id": "ntp-debuginfo-0:4.1.2-6.el3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp-debuginfo@4.1.2-6.el3?arch=ppc"
}
}
},
{
"category": "product_version",
"name": "ntp-0:4.1.2-6.el3.ppc",
"product": {
"name": "ntp-0:4.1.2-6.el3.ppc",
"product_id": "ntp-0:4.1.2-6.el3.ppc",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.1.2-6.el3?arch=ppc"
}
}
}
],
"category": "architecture",
"name": "ppc"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-debuginfo-0:4.1.2-6.el3.s390x",
"product": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.s390x",
"product_id": "ntp-debuginfo-0:4.1.2-6.el3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp-debuginfo@4.1.2-6.el3?arch=s390x"
}
}
},
{
"category": "product_version",
"name": "ntp-0:4.1.2-6.el3.s390x",
"product": {
"name": "ntp-0:4.1.2-6.el3.s390x",
"product_id": "ntp-0:4.1.2-6.el3.s390x",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.1.2-6.el3?arch=s390x"
}
}
}
],
"category": "architecture",
"name": "s390x"
},
{
"branches": [
{
"category": "product_version",
"name": "ntp-debuginfo-0:4.1.2-6.el3.s390",
"product": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.s390",
"product_id": "ntp-debuginfo-0:4.1.2-6.el3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp-debuginfo@4.1.2-6.el3?arch=s390"
}
}
},
{
"category": "product_version",
"name": "ntp-0:4.1.2-6.el3.s390",
"product": {
"name": "ntp-0:4.1.2-6.el3.s390",
"product_id": "ntp-0:4.1.2-6.el3.s390",
"product_identification_helper": {
"purl": "pkg:rpm/redhat/ntp@4.1.2-6.el3?arch=s390"
}
}
}
],
"category": "architecture",
"name": "s390"
}
],
"category": "vendor",
"name": "Red Hat"
}
],
"relationships": [
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:ntp-0:4.1.2-6.el3.i386"
},
"product_reference": "ntp-0:4.1.2-6.el3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:ntp-0:4.1.2-6.el3.ia64"
},
"product_reference": "ntp-0:4.1.2-6.el3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:ntp-0:4.1.2-6.el3.ppc"
},
"product_reference": "ntp-0:4.1.2-6.el3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:ntp-0:4.1.2-6.el3.s390"
},
"product_reference": "ntp-0:4.1.2-6.el3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:ntp-0:4.1.2-6.el3.s390x"
},
"product_reference": "ntp-0:4.1.2-6.el3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.src as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:ntp-0:4.1.2-6.el3.src"
},
"product_reference": "ntp-0:4.1.2-6.el3.src",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:ntp-0:4.1.2-6.el3.x86_64"
},
"product_reference": "ntp-0:4.1.2-6.el3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.i386 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:ntp-debuginfo-0:4.1.2-6.el3.i386"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.i386",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.ia64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:ntp-debuginfo-0:4.1.2-6.el3.ia64"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.ia64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.ppc as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:ntp-debuginfo-0:4.1.2-6.el3.ppc"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.ppc",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.s390 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:ntp-debuginfo-0:4.1.2-6.el3.s390"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.s390",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.s390x as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:ntp-debuginfo-0:4.1.2-6.el3.s390x"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.s390x",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.x86_64 as a component of Red Hat Enterprise Linux AS version 3",
"product_id": "3AS:ntp-debuginfo-0:4.1.2-6.el3.x86_64"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"relates_to_product_reference": "3AS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:ntp-0:4.1.2-6.el3.i386"
},
"product_reference": "ntp-0:4.1.2-6.el3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:ntp-0:4.1.2-6.el3.ia64"
},
"product_reference": "ntp-0:4.1.2-6.el3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:ntp-0:4.1.2-6.el3.ppc"
},
"product_reference": "ntp-0:4.1.2-6.el3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:ntp-0:4.1.2-6.el3.s390"
},
"product_reference": "ntp-0:4.1.2-6.el3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:ntp-0:4.1.2-6.el3.s390x"
},
"product_reference": "ntp-0:4.1.2-6.el3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.src as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:ntp-0:4.1.2-6.el3.src"
},
"product_reference": "ntp-0:4.1.2-6.el3.src",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:ntp-0:4.1.2-6.el3.x86_64"
},
"product_reference": "ntp-0:4.1.2-6.el3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.i386 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:ntp-debuginfo-0:4.1.2-6.el3.i386"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.i386",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.ia64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:ntp-debuginfo-0:4.1.2-6.el3.ia64"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.ia64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.ppc as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:ntp-debuginfo-0:4.1.2-6.el3.ppc"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.ppc",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.s390 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:ntp-debuginfo-0:4.1.2-6.el3.s390"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.s390",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.s390x as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:ntp-debuginfo-0:4.1.2-6.el3.s390x"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.s390x",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.x86_64 as a component of Red Hat Desktop version 3",
"product_id": "3Desktop:ntp-debuginfo-0:4.1.2-6.el3.x86_64"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"relates_to_product_reference": "3Desktop"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:ntp-0:4.1.2-6.el3.i386"
},
"product_reference": "ntp-0:4.1.2-6.el3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:ntp-0:4.1.2-6.el3.ia64"
},
"product_reference": "ntp-0:4.1.2-6.el3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:ntp-0:4.1.2-6.el3.ppc"
},
"product_reference": "ntp-0:4.1.2-6.el3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:ntp-0:4.1.2-6.el3.s390"
},
"product_reference": "ntp-0:4.1.2-6.el3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:ntp-0:4.1.2-6.el3.s390x"
},
"product_reference": "ntp-0:4.1.2-6.el3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.src as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:ntp-0:4.1.2-6.el3.src"
},
"product_reference": "ntp-0:4.1.2-6.el3.src",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:ntp-0:4.1.2-6.el3.x86_64"
},
"product_reference": "ntp-0:4.1.2-6.el3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.i386 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:ntp-debuginfo-0:4.1.2-6.el3.i386"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.i386",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.ia64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:ntp-debuginfo-0:4.1.2-6.el3.ia64"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.ia64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.ppc as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:ntp-debuginfo-0:4.1.2-6.el3.ppc"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.ppc",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.s390 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:ntp-debuginfo-0:4.1.2-6.el3.s390"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.s390",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.s390x as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:ntp-debuginfo-0:4.1.2-6.el3.s390x"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.s390x",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.x86_64 as a component of Red Hat Enterprise Linux ES version 3",
"product_id": "3ES:ntp-debuginfo-0:4.1.2-6.el3.x86_64"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"relates_to_product_reference": "3ES"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:ntp-0:4.1.2-6.el3.i386"
},
"product_reference": "ntp-0:4.1.2-6.el3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:ntp-0:4.1.2-6.el3.ia64"
},
"product_reference": "ntp-0:4.1.2-6.el3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:ntp-0:4.1.2-6.el3.ppc"
},
"product_reference": "ntp-0:4.1.2-6.el3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:ntp-0:4.1.2-6.el3.s390"
},
"product_reference": "ntp-0:4.1.2-6.el3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:ntp-0:4.1.2-6.el3.s390x"
},
"product_reference": "ntp-0:4.1.2-6.el3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.src as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:ntp-0:4.1.2-6.el3.src"
},
"product_reference": "ntp-0:4.1.2-6.el3.src",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-0:4.1.2-6.el3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:ntp-0:4.1.2-6.el3.x86_64"
},
"product_reference": "ntp-0:4.1.2-6.el3.x86_64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.i386 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:ntp-debuginfo-0:4.1.2-6.el3.i386"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.i386",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.ia64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:ntp-debuginfo-0:4.1.2-6.el3.ia64"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.ia64",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.ppc as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:ntp-debuginfo-0:4.1.2-6.el3.ppc"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.ppc",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.s390 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:ntp-debuginfo-0:4.1.2-6.el3.s390"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.s390",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.s390x as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:ntp-debuginfo-0:4.1.2-6.el3.s390x"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.s390x",
"relates_to_product_reference": "3WS"
},
{
"category": "default_component_of",
"full_product_name": {
"name": "ntp-debuginfo-0:4.1.2-6.el3.x86_64 as a component of Red Hat Enterprise Linux WS version 3",
"product_id": "3WS:ntp-debuginfo-0:4.1.2-6.el3.x86_64"
},
"product_reference": "ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"relates_to_product_reference": "3WS"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-0159",
"cwe": {
"id": "CWE-121",
"name": "Stack-based Buffer Overflow"
},
"discovery_date": "2009-03-12T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "490617"
}
],
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ntp: buffer overflow in ntpq",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS:ntp-0:4.1.2-6.el3.i386",
"3AS:ntp-0:4.1.2-6.el3.ia64",
"3AS:ntp-0:4.1.2-6.el3.ppc",
"3AS:ntp-0:4.1.2-6.el3.s390",
"3AS:ntp-0:4.1.2-6.el3.s390x",
"3AS:ntp-0:4.1.2-6.el3.src",
"3AS:ntp-0:4.1.2-6.el3.x86_64",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"3Desktop:ntp-0:4.1.2-6.el3.i386",
"3Desktop:ntp-0:4.1.2-6.el3.ia64",
"3Desktop:ntp-0:4.1.2-6.el3.ppc",
"3Desktop:ntp-0:4.1.2-6.el3.s390",
"3Desktop:ntp-0:4.1.2-6.el3.s390x",
"3Desktop:ntp-0:4.1.2-6.el3.src",
"3Desktop:ntp-0:4.1.2-6.el3.x86_64",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"3ES:ntp-0:4.1.2-6.el3.i386",
"3ES:ntp-0:4.1.2-6.el3.ia64",
"3ES:ntp-0:4.1.2-6.el3.ppc",
"3ES:ntp-0:4.1.2-6.el3.s390",
"3ES:ntp-0:4.1.2-6.el3.s390x",
"3ES:ntp-0:4.1.2-6.el3.src",
"3ES:ntp-0:4.1.2-6.el3.x86_64",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"3WS:ntp-0:4.1.2-6.el3.i386",
"3WS:ntp-0:4.1.2-6.el3.ia64",
"3WS:ntp-0:4.1.2-6.el3.ppc",
"3WS:ntp-0:4.1.2-6.el3.s390",
"3WS:ntp-0:4.1.2-6.el3.s390x",
"3WS:ntp-0:4.1.2-6.el3.src",
"3WS:ntp-0:4.1.2-6.el3.x86_64",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-0159"
},
{
"category": "external",
"summary": "RHBZ#490617",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=490617"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-0159",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-0159"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-0159",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-0159"
}
],
"release_date": "2009-04-09T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-12-08T19:42:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"3AS:ntp-0:4.1.2-6.el3.i386",
"3AS:ntp-0:4.1.2-6.el3.ia64",
"3AS:ntp-0:4.1.2-6.el3.ppc",
"3AS:ntp-0:4.1.2-6.el3.s390",
"3AS:ntp-0:4.1.2-6.el3.s390x",
"3AS:ntp-0:4.1.2-6.el3.src",
"3AS:ntp-0:4.1.2-6.el3.x86_64",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"3Desktop:ntp-0:4.1.2-6.el3.i386",
"3Desktop:ntp-0:4.1.2-6.el3.ia64",
"3Desktop:ntp-0:4.1.2-6.el3.ppc",
"3Desktop:ntp-0:4.1.2-6.el3.s390",
"3Desktop:ntp-0:4.1.2-6.el3.s390x",
"3Desktop:ntp-0:4.1.2-6.el3.src",
"3Desktop:ntp-0:4.1.2-6.el3.x86_64",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"3ES:ntp-0:4.1.2-6.el3.i386",
"3ES:ntp-0:4.1.2-6.el3.ia64",
"3ES:ntp-0:4.1.2-6.el3.ppc",
"3ES:ntp-0:4.1.2-6.el3.s390",
"3ES:ntp-0:4.1.2-6.el3.s390x",
"3ES:ntp-0:4.1.2-6.el3.src",
"3ES:ntp-0:4.1.2-6.el3.x86_64",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"3WS:ntp-0:4.1.2-6.el3.i386",
"3WS:ntp-0:4.1.2-6.el3.ia64",
"3WS:ntp-0:4.1.2-6.el3.ppc",
"3WS:ntp-0:4.1.2-6.el3.s390",
"3WS:ntp-0:4.1.2-6.el3.s390x",
"3WS:ntp-0:4.1.2-6.el3.src",
"3WS:ntp-0:4.1.2-6.el3.x86_64",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1651"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "HIGH",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.1,
"confidentialityImpact": "PARTIAL",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:H/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"3AS:ntp-0:4.1.2-6.el3.i386",
"3AS:ntp-0:4.1.2-6.el3.ia64",
"3AS:ntp-0:4.1.2-6.el3.ppc",
"3AS:ntp-0:4.1.2-6.el3.s390",
"3AS:ntp-0:4.1.2-6.el3.s390x",
"3AS:ntp-0:4.1.2-6.el3.src",
"3AS:ntp-0:4.1.2-6.el3.x86_64",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"3Desktop:ntp-0:4.1.2-6.el3.i386",
"3Desktop:ntp-0:4.1.2-6.el3.ia64",
"3Desktop:ntp-0:4.1.2-6.el3.ppc",
"3Desktop:ntp-0:4.1.2-6.el3.s390",
"3Desktop:ntp-0:4.1.2-6.el3.s390x",
"3Desktop:ntp-0:4.1.2-6.el3.src",
"3Desktop:ntp-0:4.1.2-6.el3.x86_64",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"3ES:ntp-0:4.1.2-6.el3.i386",
"3ES:ntp-0:4.1.2-6.el3.ia64",
"3ES:ntp-0:4.1.2-6.el3.ppc",
"3ES:ntp-0:4.1.2-6.el3.s390",
"3ES:ntp-0:4.1.2-6.el3.s390x",
"3ES:ntp-0:4.1.2-6.el3.src",
"3ES:ntp-0:4.1.2-6.el3.x86_64",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"3WS:ntp-0:4.1.2-6.el3.i386",
"3WS:ntp-0:4.1.2-6.el3.ia64",
"3WS:ntp-0:4.1.2-6.el3.ppc",
"3WS:ntp-0:4.1.2-6.el3.s390",
"3WS:ntp-0:4.1.2-6.el3.s390x",
"3WS:ntp-0:4.1.2-6.el3.src",
"3WS:ntp-0:4.1.2-6.el3.x86_64",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Low"
}
],
"title": "ntp: buffer overflow in ntpq"
},
{
"cve": "CVE-2009-3563",
"discovery_date": "2009-10-27T00:00:00+00:00",
"ids": [
{
"system_name": "Red Hat Bugzilla ID",
"text": "531213"
}
],
"notes": [
{
"category": "description",
"text": "ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.",
"title": "Vulnerability description"
},
{
"category": "summary",
"text": "ntpd: DoS with mode 7 packets (VU#568372)",
"title": "Vulnerability summary"
},
{
"category": "general",
"text": "The CVSS score(s) listed for this vulnerability do not reflect the associated product\u0027s status, and are included for informational purposes to better understand the severity of this vulnerability.",
"title": "CVSS score applicability"
}
],
"product_status": {
"fixed": [
"3AS:ntp-0:4.1.2-6.el3.i386",
"3AS:ntp-0:4.1.2-6.el3.ia64",
"3AS:ntp-0:4.1.2-6.el3.ppc",
"3AS:ntp-0:4.1.2-6.el3.s390",
"3AS:ntp-0:4.1.2-6.el3.s390x",
"3AS:ntp-0:4.1.2-6.el3.src",
"3AS:ntp-0:4.1.2-6.el3.x86_64",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"3Desktop:ntp-0:4.1.2-6.el3.i386",
"3Desktop:ntp-0:4.1.2-6.el3.ia64",
"3Desktop:ntp-0:4.1.2-6.el3.ppc",
"3Desktop:ntp-0:4.1.2-6.el3.s390",
"3Desktop:ntp-0:4.1.2-6.el3.s390x",
"3Desktop:ntp-0:4.1.2-6.el3.src",
"3Desktop:ntp-0:4.1.2-6.el3.x86_64",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"3ES:ntp-0:4.1.2-6.el3.i386",
"3ES:ntp-0:4.1.2-6.el3.ia64",
"3ES:ntp-0:4.1.2-6.el3.ppc",
"3ES:ntp-0:4.1.2-6.el3.s390",
"3ES:ntp-0:4.1.2-6.el3.s390x",
"3ES:ntp-0:4.1.2-6.el3.src",
"3ES:ntp-0:4.1.2-6.el3.x86_64",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"3WS:ntp-0:4.1.2-6.el3.i386",
"3WS:ntp-0:4.1.2-6.el3.ia64",
"3WS:ntp-0:4.1.2-6.el3.ppc",
"3WS:ntp-0:4.1.2-6.el3.s390",
"3WS:ntp-0:4.1.2-6.el3.s390x",
"3WS:ntp-0:4.1.2-6.el3.src",
"3WS:ntp-0:4.1.2-6.el3.x86_64",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.x86_64"
]
},
"references": [
{
"category": "self",
"summary": "Canonical URL",
"url": "https://access.redhat.com/security/cve/CVE-2009-3563"
},
{
"category": "external",
"summary": "RHBZ#531213",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=531213"
},
{
"category": "external",
"summary": "https://www.cve.org/CVERecord?id=CVE-2009-3563",
"url": "https://www.cve.org/CVERecord?id=CVE-2009-3563"
},
{
"category": "external",
"summary": "https://nvd.nist.gov/vuln/detail/CVE-2009-3563",
"url": "https://nvd.nist.gov/vuln/detail/CVE-2009-3563"
}
],
"release_date": "2009-12-08T00:00:00+00:00",
"remediations": [
{
"category": "vendor_fix",
"date": "2009-12-08T19:42:00+00:00",
"details": "Before applying this update, make sure that all previously-released\nerrata relevant to your system have been applied.\n\nThis update is available via Red Hat Network. Details on how to use\nthe Red Hat Network to apply this update are available at\nhttp://kbase.redhat.com/faq/docs/DOC-11259",
"product_ids": [
"3AS:ntp-0:4.1.2-6.el3.i386",
"3AS:ntp-0:4.1.2-6.el3.ia64",
"3AS:ntp-0:4.1.2-6.el3.ppc",
"3AS:ntp-0:4.1.2-6.el3.s390",
"3AS:ntp-0:4.1.2-6.el3.s390x",
"3AS:ntp-0:4.1.2-6.el3.src",
"3AS:ntp-0:4.1.2-6.el3.x86_64",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"3Desktop:ntp-0:4.1.2-6.el3.i386",
"3Desktop:ntp-0:4.1.2-6.el3.ia64",
"3Desktop:ntp-0:4.1.2-6.el3.ppc",
"3Desktop:ntp-0:4.1.2-6.el3.s390",
"3Desktop:ntp-0:4.1.2-6.el3.s390x",
"3Desktop:ntp-0:4.1.2-6.el3.src",
"3Desktop:ntp-0:4.1.2-6.el3.x86_64",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"3ES:ntp-0:4.1.2-6.el3.i386",
"3ES:ntp-0:4.1.2-6.el3.ia64",
"3ES:ntp-0:4.1.2-6.el3.ppc",
"3ES:ntp-0:4.1.2-6.el3.s390",
"3ES:ntp-0:4.1.2-6.el3.s390x",
"3ES:ntp-0:4.1.2-6.el3.src",
"3ES:ntp-0:4.1.2-6.el3.x86_64",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"3WS:ntp-0:4.1.2-6.el3.i386",
"3WS:ntp-0:4.1.2-6.el3.ia64",
"3WS:ntp-0:4.1.2-6.el3.ppc",
"3WS:ntp-0:4.1.2-6.el3.s390",
"3WS:ntp-0:4.1.2-6.el3.s390x",
"3WS:ntp-0:4.1.2-6.el3.src",
"3WS:ntp-0:4.1.2-6.el3.x86_64",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.x86_64"
],
"restart_required": {
"category": "none"
},
"url": "https://access.redhat.com/errata/RHSA-2009:1651"
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.0,
"confidentialityImpact": "NONE",
"integrityImpact": "NONE",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"3AS:ntp-0:4.1.2-6.el3.i386",
"3AS:ntp-0:4.1.2-6.el3.ia64",
"3AS:ntp-0:4.1.2-6.el3.ppc",
"3AS:ntp-0:4.1.2-6.el3.s390",
"3AS:ntp-0:4.1.2-6.el3.s390x",
"3AS:ntp-0:4.1.2-6.el3.src",
"3AS:ntp-0:4.1.2-6.el3.x86_64",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3AS:ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"3Desktop:ntp-0:4.1.2-6.el3.i386",
"3Desktop:ntp-0:4.1.2-6.el3.ia64",
"3Desktop:ntp-0:4.1.2-6.el3.ppc",
"3Desktop:ntp-0:4.1.2-6.el3.s390",
"3Desktop:ntp-0:4.1.2-6.el3.s390x",
"3Desktop:ntp-0:4.1.2-6.el3.src",
"3Desktop:ntp-0:4.1.2-6.el3.x86_64",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3Desktop:ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"3ES:ntp-0:4.1.2-6.el3.i386",
"3ES:ntp-0:4.1.2-6.el3.ia64",
"3ES:ntp-0:4.1.2-6.el3.ppc",
"3ES:ntp-0:4.1.2-6.el3.s390",
"3ES:ntp-0:4.1.2-6.el3.s390x",
"3ES:ntp-0:4.1.2-6.el3.src",
"3ES:ntp-0:4.1.2-6.el3.x86_64",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3ES:ntp-debuginfo-0:4.1.2-6.el3.x86_64",
"3WS:ntp-0:4.1.2-6.el3.i386",
"3WS:ntp-0:4.1.2-6.el3.ia64",
"3WS:ntp-0:4.1.2-6.el3.ppc",
"3WS:ntp-0:4.1.2-6.el3.s390",
"3WS:ntp-0:4.1.2-6.el3.s390x",
"3WS:ntp-0:4.1.2-6.el3.src",
"3WS:ntp-0:4.1.2-6.el3.x86_64",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.i386",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.ia64",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.ppc",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.s390",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.s390x",
"3WS:ntp-debuginfo-0:4.1.2-6.el3.x86_64"
]
}
],
"threats": [
{
"category": "impact",
"details": "Moderate"
}
],
"title": "ntpd: DoS with mode 7 packets (VU#568372)"
}
]
}
GSD-2009-3563
Vulnerability from gsd - Updated: 2023-12-13 01:19Details
ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
Aliases
Aliases
{
"GSD": {
"alias": "CVE-2009-3563",
"description": "ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.",
"id": "GSD-2009-3563",
"references": [
"https://www.suse.com/security/cve/CVE-2009-3563.html",
"https://www.debian.org/security/2009/dsa-1948",
"https://access.redhat.com/errata/RHSA-2009:1651",
"https://access.redhat.com/errata/RHSA-2009:1648",
"https://linux.oracle.com/cve/CVE-2009-3563.html"
]
},
"gsd": {
"metadata": {
"exploitCode": "unknown",
"remediation": "unknown",
"reportConfidence": "confirmed",
"type": "vulnerability"
},
"osvSchema": {
"aliases": [
"CVE-2009-3563"
],
"details": "ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.",
"id": "GSD-2009-3563",
"modified": "2023-12-13T01:19:49.509033Z",
"schema_version": "1.4.0"
}
},
"namespaces": {
"cve.org": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3563",
"STATE": "PUBLIC"
},
"affects": {
"vendor": {
"vendor_data": [
{
"product": {
"product_data": [
{
"product_name": "n/a",
"version": {
"version_data": [
{
"version_value": "n/a"
}
]
}
}
]
},
"vendor_name": "n/a"
}
]
}
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "eng",
"value": "ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "eng",
"value": "n/a"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "VU#568372",
"refsource": "CERT-VN",
"url": "http://www.kb.cert.org/vuls/id/568372"
},
{
"name": "38832",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38832"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
},
{
"name": "oval:org.mitre.oval:def:11225",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225"
},
{
"name": "http://support.avaya.com/css/P8/documents/100071808",
"refsource": "CONFIRM",
"url": "http://support.avaya.com/css/P8/documents/100071808"
},
{
"name": "38794",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38794"
},
{
"name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
"refsource": "MLIST",
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
},
{
"name": "FEDORA-2009-13121",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=531213",
"refsource": "CONFIRM",
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=531213"
},
{
"name": "38764",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38764"
},
{
"name": "http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode",
"refsource": "CONFIRM",
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode"
},
{
"name": "http://www.kb.cert.org/vuls/id/MAPG-7X7V6J",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MAPG-7X7V6J"
},
{
"name": "oval:org.mitre.oval:def:19376",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376"
},
{
"name": "37255",
"refsource": "BID",
"url": "http://www.securityfocus.com/bid/37255"
},
{
"name": "SSRT101144",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
},
{
"name": "39593",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/39593"
},
{
"name": "IZ71047",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047"
},
{
"name": "ADV-2010-0993",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0993"
},
{
"name": "DSA-1948",
"refsource": "DEBIAN",
"url": "http://www.debian.org/security/2009/dsa-1948"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074",
"refsource": "CONFIRM",
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074"
},
{
"name": "http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc",
"refsource": "CONFIRM",
"url": "http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc"
},
{
"name": "HPSBUX02639",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
},
{
"name": "1021781",
"refsource": "SUNALERT",
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1"
},
{
"name": "IZ68659",
"refsource": "AIXAPAR",
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659"
},
{
"name": "SSRT100293",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
},
{
"name": "https://support.ntp.org/bugs/show_bug.cgi?id=1331",
"refsource": "CONFIRM",
"url": "https://support.ntp.org/bugs/show_bug.cgi?id=1331"
},
{
"name": "oval:org.mitre.oval:def:7076",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076"
},
{
"name": "37922",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37922"
},
{
"name": "NetBSD-SA2010-005",
"refsource": "NETBSD",
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc"
},
{
"name": "38834",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/38834"
},
{
"name": "FEDORA-2009-13090",
"refsource": "FEDORA",
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html"
},
{
"name": "http://security-tracker.debian.org/tracker/CVE-2009-3563",
"refsource": "CONFIRM",
"url": "http://security-tracker.debian.org/tracker/CVE-2009-3563"
},
{
"name": "1023298",
"refsource": "SECTRACK",
"url": "http://securitytracker.com/id?1023298"
},
{
"name": "oval:org.mitre.oval:def:12141",
"refsource": "OVAL",
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141"
},
{
"name": "RHSA-2009:1651",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1651.html"
},
{
"name": "37629",
"refsource": "SECUNIA",
"url": "http://secunia.com/advisories/37629"
},
{
"name": "RHSA-2010:0095",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691",
"refsource": "CONFIRM",
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
},
{
"name": "HPSBUX02859",
"refsource": "HP",
"url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
},
{
"name": "[announce] 20091208 NTP 4.2.4p8 Released",
"refsource": "MLIST",
"url": "https://lists.ntp.org/pipermail/announce/2009-December/000086.html"
},
{
"name": "ADV-2010-0510",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0510"
},
{
"name": "RHSA-2009:1648",
"refsource": "REDHAT",
"url": "https://rhn.redhat.com/errata/RHSA-2009-1648.html"
},
{
"name": "http://www.kb.cert.org/vuls/id/MAPG-7X7VD7",
"refsource": "CONFIRM",
"url": "http://www.kb.cert.org/vuls/id/MAPG-7X7VD7"
},
{
"name": "ADV-2010-0528",
"refsource": "VUPEN",
"url": "http://www.vupen.com/english/advisories/2010/0528"
},
{
"name": "VU#417980",
"refsource": "CERT-VN",
"url": "https://www.kb.cert.org/vuls/id/417980"
}
]
}
},
"nvd.nist.gov": {
"configurations": {
"CVE_data_version": "4.0",
"nodes": [
{
"children": [],
"cpe_match": [
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.0.72:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.1.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.2p1:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.2p2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.2p3:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.0.96:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.0.95:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.0.90:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.0.73:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.2:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.0.98:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.0.97:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.0.92:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.0.91:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*",
"cpe_name": [],
"versionEndIncluding": "4.2.2p4",
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.2.5:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.1.0:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.0.99:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.0.94:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
},
{
"cpe23Uri": "cpe:2.3:a:ntp:ntp:4.0.93:*:*:*:*:*:*:*",
"cpe_name": [],
"vulnerable": true
}
],
"operator": "OR"
}
]
},
"cve": {
"CVE_data_meta": {
"ASSIGNER": "cve@mitre.org",
"ID": "CVE-2009-3563"
},
"data_format": "MITRE",
"data_type": "CVE",
"data_version": "4.0",
"description": {
"description_data": [
{
"lang": "en",
"value": "ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons."
}
]
},
"problemtype": {
"problemtype_data": [
{
"description": [
{
"lang": "en",
"value": "NVD-CWE-Other"
}
]
}
]
},
"references": {
"reference_data": [
{
"name": "RHSA-2009:1651",
"refsource": "REDHAT",
"tags": [],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1651.html"
},
{
"name": "http://www.kb.cert.org/vuls/id/MAPG-7X7VD7",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7X7VD7"
},
{
"name": "DSA-1948",
"refsource": "DEBIAN",
"tags": [
"Patch"
],
"url": "http://www.debian.org/security/2009/dsa-1948"
},
{
"name": "http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode",
"refsource": "CONFIRM",
"tags": [
"Patch"
],
"url": "http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode"
},
{
"name": "1023298",
"refsource": "SECTRACK",
"tags": [],
"url": "http://securitytracker.com/id?1023298"
},
{
"name": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074",
"refsource": "CONFIRM",
"tags": [],
"url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074"
},
{
"name": "37255",
"refsource": "BID",
"tags": [
"Patch"
],
"url": "http://www.securityfocus.com/bid/37255"
},
{
"name": "RHSA-2009:1648",
"refsource": "REDHAT",
"tags": [],
"url": "https://rhn.redhat.com/errata/RHSA-2009-1648.html"
},
{
"name": "[announce] 20091208 NTP 4.2.4p8 Released",
"refsource": "MLIST",
"tags": [],
"url": "https://lists.ntp.org/pipermail/announce/2009-December/000086.html"
},
{
"name": "VU#568372",
"refsource": "CERT-VN",
"tags": [
"Patch",
"US Government Resource"
],
"url": "http://www.kb.cert.org/vuls/id/568372"
},
{
"name": "http://security-tracker.debian.org/tracker/CVE-2009-3563",
"refsource": "CONFIRM",
"tags": [],
"url": "http://security-tracker.debian.org/tracker/CVE-2009-3563"
},
{
"name": "https://support.ntp.org/bugs/show_bug.cgi?id=1331",
"refsource": "CONFIRM",
"tags": [],
"url": "https://support.ntp.org/bugs/show_bug.cgi?id=1331"
},
{
"name": "http://www.kb.cert.org/vuls/id/MAPG-7X7V6J",
"refsource": "CONFIRM",
"tags": [],
"url": "http://www.kb.cert.org/vuls/id/MAPG-7X7V6J"
},
{
"name": "https://bugzilla.redhat.com/show_bug.cgi?id=531213",
"refsource": "CONFIRM",
"tags": [],
"url": "https://bugzilla.redhat.com/show_bug.cgi?id=531213"
},
{
"name": "FEDORA-2009-13121",
"refsource": "FEDORA",
"tags": [],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html"
},
{
"name": "FEDORA-2009-13090",
"refsource": "FEDORA",
"tags": [],
"url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html"
},
{
"name": "RHSA-2010:0095",
"refsource": "REDHAT",
"tags": [],
"url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
},
{
"name": "http://support.avaya.com/css/P8/documents/100071808",
"refsource": "CONFIRM",
"tags": [],
"url": "http://support.avaya.com/css/P8/documents/100071808"
},
{
"name": "37922",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/37922"
},
{
"name": "IZ71047",
"refsource": "AIXAPAR",
"tags": [],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047"
},
{
"name": "37629",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/37629"
},
{
"name": "http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc",
"refsource": "CONFIRM",
"tags": [],
"url": "http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc"
},
{
"name": "ADV-2010-0510",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2010/0510"
},
{
"name": "38764",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/38764"
},
{
"name": "IZ68659",
"refsource": "AIXAPAR",
"tags": [],
"url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659"
},
{
"name": "38794",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/38794"
},
{
"name": "ADV-2010-0528",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2010/0528"
},
{
"name": "38832",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/38832"
},
{
"name": "38834",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/38834"
},
{
"name": "[security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates",
"refsource": "MLIST",
"tags": [],
"url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
},
{
"name": "NetBSD-SA2010-005",
"refsource": "NETBSD",
"tags": [],
"url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc"
},
{
"name": "39593",
"refsource": "SECUNIA",
"tags": [],
"url": "http://secunia.com/advisories/39593"
},
{
"name": "ADV-2010-0993",
"refsource": "VUPEN",
"tags": [],
"url": "http://www.vupen.com/english/advisories/2010/0993"
},
{
"name": "1021781",
"refsource": "SUNALERT",
"tags": [],
"url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1"
},
{
"name": "SSRT101144",
"refsource": "HP",
"tags": [],
"url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
},
{
"name": "HPSBUX02639",
"refsource": "HP",
"tags": [],
"url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691",
"refsource": "CONFIRM",
"tags": [],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
},
{
"name": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673",
"refsource": "CONFIRM",
"tags": [],
"url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
},
{
"name": "oval:org.mitre.oval:def:7076",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076"
},
{
"name": "oval:org.mitre.oval:def:19376",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376"
},
{
"name": "oval:org.mitre.oval:def:12141",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141"
},
{
"name": "oval:org.mitre.oval:def:11225",
"refsource": "OVAL",
"tags": [],
"url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225"
}
]
}
},
"impact": {
"baseMetricV2": {
"cvssV2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"integrityImpact": "PARTIAL",
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"exploitabilityScore": 10.0,
"impactScore": 4.9,
"obtainAllPrivilege": false,
"obtainOtherPrivilege": false,
"obtainUserPrivilege": false,
"severity": "MEDIUM",
"userInteractionRequired": false
}
},
"lastModifiedDate": "2017-09-19T01:29Z",
"publishedDate": "2009-12-09T18:30Z"
}
}
}
VDE-2022-032
Vulnerability from csaf_aumariestergmbhcokg - Published: 2022-08-09 08:00 - Updated: 2022-08-09 08:00Summary
AUMA: Multiple Vulnerabilities in Automation Runtime NTP Service
Notes
Summary: The SIMA2 Master Station features an NTP service based on ntpd, a reference implementation of the Network Time Protocol (NTP). Affected SIMA2 Master Stations with software version < V2.6 include an outdated version of ntpd which is affected by a large number of vulnerabilities
Mitigation: 1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Remediation: Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
6.4 ()
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.
CWE-20 - Improper Input Validation
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
7.5 ()
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
7.5 ()
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.
7.5 ()
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets.
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentication is enabled, allows remote attackers to obtain sensitive information from process memory or cause a denial of service (daemon crash) via a packet containing an extension field with an invalid value for the length of its value field.
5.8 ()
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.
7.5 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.
7.5 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.
6.5 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
7.5 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
8.8 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.
6.5 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use '\' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files.
6.5 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.
5.9 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.
8.8 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
6.5 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.
9.8 (Critical)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.
6.5 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."
7.7 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash).
6.2 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.
4.3 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.
5.9 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers to cause a denial of service (stack exhaustion) via an ntpdc relist command, which triggers recursive traversal of the restriction list.
7.5 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.
7.5 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.
5.3 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified vectors.
5.3 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sniffing the network.
4.8 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (infinite loop) via crafted packets with incorrect values.
5.9 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled.
5.3 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key.
5.3 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (prevent subsequent authentication) by leveraging knowledge of the controlkey or requestkey and sending a crafted packet to ntpd, which changes the value of trustedkey, controlkey, or requestkey. NOTE: this vulnerability exists because of a CVE-2016-2516 regression.
5.3 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.
5.3 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.
7.5 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.
7.5 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.
5.9 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The broadcast mode replay prevention functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via a crafted broadcast mode packet.
4.3 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression.
5.3 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a "root distance that did not include the peer dispersion."
5.3 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.
7.5 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet.
6.5 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted packet.
5.9 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The mx4200_send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write.
7.8 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable.
8.8 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response.
8.8 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device.
7.8 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a :config directive, related to the unpeer option.
6.5 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed mode configuration directive.
6.5 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which ntpq or ntpdc is used with a command line from an untrusted source.
9.8 (Critical)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10.
7.5 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array.
9.8 (Critical)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the "received" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704.
7.5 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the "other side" of an interleaved association causing the victim ntpd to reset its association.
7.5 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or control a slave in that broadcast network that can capture certain required packets on the attacker's behalf and send them to the attacker.
5.3 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
NTP through 4.2.8p12 has a NULL Pointer Dereference.
7.5 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.
7.5 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim's ntpd instance.
7.4 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file.
4.9 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).
7.5 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).
7.5 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.
9.8 (Critical)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.
9.8 (Critical)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command.
7.5 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denial of service (prevent communication with a source) by sending a response for a source to an interface the source does not use.
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via the poll interval in a broadcast packet.
4.3 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent responses from the sources) by sending responses with a spoofed source address.
7.5 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.
7.5 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.
5.3 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (ntpd abort) by a large request data value, which triggers the ctl_getitem function to return a NULL value.
5.9 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7 is enabled, allows remote attackers to cause a denial of service (ntpd abort) by using the same IP address multiple times in an unconfig directive.
5.3 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
ntpd in NTP 4.2.8p3 and NTPsec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 relies on the underlying operating system to protect it from requests that impersonate reference clocks. Because reference clocks are treated like other peers and stored in the same structure, any packet with a source ip address of a reference clock (127.127.1.1 for example) that reaches the receive() function will match that reference clock's peer record and will be treated as a trusted peer. Any system that lacks the typical martian packet filtering which would block these packets is in danger of having its time controlled by an attacker.
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock.
6.5 (Medium)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.
7.2 (High)
Mitigation
1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2
2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:
- Allow NTP traffic to/from trusted NTP clients only
- Monitor the network for malicious NTP traffic going to/coming from the SIMA2
- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)
3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:
- Use trusted NTP servers only
- Allow NTP traffic to/from trusted NTP servers only
- Monitor the network for malicious NTP traffic targeting the SIMA2
- Filter malicious NTP traffic targeting the SIMA2
- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)
Vendor Fix
Upgrade your SIMA2 to software version 2.6 or above. The NTP service of the SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.
References
Acknowledgments
CERT@VDE
certvde.com
{
"document": {
"acknowledgments": [
{
"organization": "CERT@VDE",
"summary": "coordination",
"urls": [
"https://certvde.com"
]
}
],
"category": "csaf_security_advisory",
"csaf_version": "2.0",
"distribution": {
"tlp": {
"label": "WHITE",
"url": "https://www.first.org/tlp/"
}
},
"lang": "en-GB",
"notes": [
{
"category": "summary",
"text": "The SIMA2 Master Station features an NTP service based on ntpd, a reference implementation of the Network Time Protocol (NTP). Affected SIMA2 Master Stations with software version \u003c V2.6 include an outdated version of ntpd which is affected by a large number of vulnerabilities",
"title": "Summary"
},
{
"category": "description",
"text": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"title": "Mitigation"
},
{
"category": "description",
"text": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"title": "Remediation"
}
],
"publisher": {
"category": "vendor",
"contact_details": "psirt@auma.com",
"name": "AUMA Riester GmbH \u0026 Co. KG",
"namespace": "https://auma.com"
},
"references": [
{
"category": "self",
"summary": "VDE-2022-032: AUMA: Multiple Vulnerabilities in Automation Runtime NTP Service - HTML",
"url": "https://certvde.com/en/advisories/VDE-2022-032/"
},
{
"category": "self",
"summary": "VDE-2022-032: AUMA: Multiple Vulnerabilities in Automation Runtime NTP Service - CSAF",
"url": "https://auma.csaf-tp.certvde.com/.well-known/csaf/white/2022/vde-2022-032.json"
},
{
"category": "external",
"summary": "AUMA PSIRT",
"url": "https://www.auma.com/en_GB/service/psirt"
},
{
"category": "external",
"summary": "CERT@VDE Security Advisories for AUMA Riester GmbH \u0026 Co. KG",
"url": "https://certvde.com/en/advisories/vendor/auma/"
}
],
"title": "AUMA: Multiple Vulnerabilities in Automation Runtime NTP Service",
"tracking": {
"aliases": [
"VDE-2022-032"
],
"current_release_date": "2022-08-09T08:00:00.000Z",
"generator": {
"date": "2025-05-05T07:36:58.640Z",
"engine": {
"name": "Secvisogram",
"version": "2.5.24"
}
},
"id": "VDE-2022-032",
"initial_release_date": "2022-08-09T08:00:00.000Z",
"revision_history": [
{
"date": "2022-08-09T08:00:00.000Z",
"number": "1",
"summary": "Initial revision."
}
],
"status": "final",
"version": "1"
}
},
"product_tree": {
"branches": [
{
"branches": [
{
"branches": [
{
"branches": [
{
"category": "product_version_range",
"name": "\u003cV2.6",
"product": {
"name": "SIMA\u00b2 Master Station \u003c V2.6",
"product_id": "CSAFPID-51001"
}
},
{
"category": "product_version",
"name": "V2.6",
"product": {
"name": "SIMA\u00b2 Master Station V2.6",
"product_id": "CSAFPID-52001"
}
}
],
"category": "product_name",
"name": "SIMA\u00b2 Master Station"
}
],
"category": "product_family",
"name": "Software"
}
],
"category": "vendor",
"name": "AUMA"
}
]
},
"vulnerabilities": [
{
"cve": "CVE-2009-3563",
"notes": [
{
"category": "description",
"text": "ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 6.4,
"confidentialityImpact": "NONE",
"environmentalScore": 6.4,
"integrityImpact": "PARTIAL",
"temporalScore": 6.4,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2009-3563"
},
{
"cve": "CVE-2013-5211",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "The monlist feature in ntp_request.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service (traffic amplification) via forged (1) REQ_MON_GETLIST or (2) REQ_MON_GETLIST_1 requests, as exploited in the wild in December 2013.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5,
"confidentialityImpact": "NONE",
"environmentalScore": 5,
"integrityImpact": "NONE",
"temporalScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2013-5211"
},
{
"cve": "CVE-2014-9293",
"notes": [
{
"category": "description",
"text": "The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"environmentalScore": 7.5,
"integrityImpact": "PARTIAL",
"temporalScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2014-9293"
},
{
"cve": "CVE-2014-9294",
"notes": [
{
"category": "description",
"text": "util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"environmentalScore": 7.5,
"integrityImpact": "PARTIAL",
"temporalScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2014-9294"
},
{
"cve": "CVE-2014-9295",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "description",
"text": "Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 7.5,
"confidentialityImpact": "PARTIAL",
"environmentalScore": 7.5,
"integrityImpact": "PARTIAL",
"temporalScore": 7.5,
"vectorString": "AV:N/AC:L/Au:N/C:P/I:P/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2014-9295"
},
{
"cve": "CVE-2014-9296",
"notes": [
{
"category": "description",
"text": "The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "LOW",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5,
"confidentialityImpact": "NONE",
"environmentalScore": 5,
"integrityImpact": "NONE",
"temporalScore": 5,
"vectorString": "AV:N/AC:L/Au:N/C:N/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2014-9296"
},
{
"cve": "CVE-2014-9750",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentication is enabled, allows remote attackers to obtain sensitive information from process memory or cause a denial of service (daemon crash) via a packet containing an extension field with an invalid value for the length of its value field.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v2": {
"accessComplexity": "MEDIUM",
"accessVector": "NETWORK",
"authentication": "NONE",
"availabilityImpact": "PARTIAL",
"baseScore": 5.8,
"confidentialityImpact": "PARTIAL",
"environmentalScore": 5.8,
"integrityImpact": "NONE",
"temporalScore": 5.8,
"vectorString": "AV:N/AC:M/Au:N/C:P/I:N/A:P",
"version": "2.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2014-9750"
},
{
"cve": "CVE-2015-7691",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7691"
},
{
"cve": "CVE-2015-7692",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7692"
},
{
"cve": "CVE-2015-7702",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7702"
},
{
"cve": "CVE-2015-7704",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted \"KOD\" messages.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7704"
},
{
"cve": "CVE-2015-7849",
"cwe": {
"id": "CWE-416",
"name": "Use After Free"
},
"notes": [
{
"category": "description",
"text": "Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7849"
},
{
"cve": "CVE-2015-7850",
"cwe": {
"id": "CWE-835",
"name": "Loop with Unreachable Exit Condition (\u0027Infinite Loop\u0027)"
},
"notes": [
{
"category": "description",
"text": "ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7850"
},
{
"cve": "CVE-2015-7851",
"cwe": {
"id": "CWE-22",
"name": "Improper Limitation of a Pathname to a Restricted Directory (\u0027Path Traversal\u0027)"
},
"notes": [
{
"category": "description",
"text": "Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use \u0027\\\u0027 or \u0027/\u0027 characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7851"
},
{
"cve": "CVE-2015-7852",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7852"
},
{
"cve": "CVE-2015-7854",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "description",
"text": "Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7854"
},
{
"cve": "CVE-2015-7855",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7855"
},
{
"cve": "CVE-2015-7871",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "description",
"text": "Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7871"
},
{
"cve": "CVE-2015-7973",
"notes": [
{
"category": "description",
"text": "NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7973"
},
{
"cve": "CVE-2015-7974",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "description",
"text": "NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a \"skeleton key.\"",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.7,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.7,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "CHANGED",
"temporalScore": 7.7,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7974"
},
{
"cve": "CVE-2015-7975",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "description",
"text": "The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash).",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 6.2,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.2,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.2,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7975"
},
{
"cve": "CVE-2015-7976",
"notes": [
{
"category": "description",
"text": "The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7976"
},
{
"cve": "CVE-2015-7977",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7977"
},
{
"cve": "CVE-2015-7978",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "description",
"text": "NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers to cause a denial of service (stack exhaustion) via an ntpdc relist command, which triggers recursive traversal of the restriction list.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7978"
},
{
"cve": "CVE-2015-7979",
"notes": [
{
"category": "description",
"text": "NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7979"
},
{
"cve": "CVE-2015-8138",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-8138"
},
{
"cve": "CVE-2015-8139",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "description",
"text": "ntpq in NTP before 4.2.8p7 allows remote attackers to obtain origin timestamps and then impersonate peers via unspecified vectors.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-8139"
},
{
"cve": "CVE-2015-8140",
"cwe": {
"id": "CWE-284",
"name": "Improper Access Control"
},
"notes": [
{
"category": "description",
"text": "The ntpq protocol in NTP before 4.2.8p7 allows remote attackers to conduct replay attacks by sniffing the network.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.8,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.8,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 4.8,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-8140"
},
{
"cve": "CVE-2015-8158",
"notes": [
{
"category": "description",
"text": "The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (infinite loop) via crafted packets with incorrect values.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-8158"
},
{
"cve": "CVE-2016-1547",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-1547"
},
{
"cve": "CVE-2016-1550",
"cwe": {
"id": "CWE-200",
"name": "Exposure of Sensitive Information to an Unauthorized Actor"
},
"notes": [
{
"category": "description",
"text": "An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-1550"
},
{
"cve": "CVE-2016-2517",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (prevent subsequent authentication) by leveraging knowledge of the controlkey or requestkey and sending a crafted packet to ntpd, which changes the value of trustedkey, controlkey, or requestkey. NOTE: this vulnerability exists because of a CVE-2016-2516 regression.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-2517"
},
{
"cve": "CVE-2016-2518",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-2518"
},
{
"cve": "CVE-2016-4953",
"cwe": {
"id": "CWE-287",
"name": "Improper Authentication"
},
"notes": [
{
"category": "description",
"text": "ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-4953"
},
{
"cve": "CVE-2016-4954",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "description",
"text": "The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-4954"
},
{
"cve": "CVE-2016-4955",
"cwe": {
"id": "CWE-362",
"name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)"
},
"notes": [
{
"category": "description",
"text": "ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association outage) by sending (1) a spoofed crypto-NAK packet or (2) a packet with an incorrect MAC value at a certain time.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-4955"
},
{
"cve": "CVE-2016-7427",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "description",
"text": "The broadcast mode replay prevention functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via a crafted broadcast mode packet.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-7427"
},
{
"cve": "CVE-2016-7431",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-7431"
},
{
"cve": "CVE-2016-7433",
"cwe": {
"id": "CWE-682",
"name": "Incorrect Calculation"
},
"notes": [
{
"category": "description",
"text": "NTP before 4.2.8p9 does not properly perform the initial sync calculations, which allows remote attackers to unspecified impact via unknown vectors, related to a \"root distance that did not include the peer dispersion.\"",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-7433"
},
{
"cve": "CVE-2016-7434",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "The read_mru_list function in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (crash) via a crafted mrulist query.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-7434"
},
{
"cve": "CVE-2016-9310",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "description",
"text": "The control mode (mode 6) functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "LOW",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-9310"
},
{
"cve": "CVE-2016-9311",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "ntpd in NTP before 4.2.8p9, when the trap service is enabled, allows remote attackers to cause a denial of service (NULL pointer dereference and crash) via a crafted packet.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-9311"
},
{
"cve": "CVE-2017-6451",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "The mx4200_send function in the legacy MX4200 refclock in NTP before 4.2.8p10 and 4.3.x before 4.3.94 does not properly handle the return value of the snprintf function, which allows local users to execute arbitrary code via unspecified vectors, which trigger an out-of-bounds memory write.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2017-6451"
},
{
"cve": "CVE-2017-6458",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "description",
"text": "Multiple buffer overflows in the ctl_put* functions in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allow remote authenticated users to have unspecified impact via a long variable.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2017-6458"
},
{
"cve": "CVE-2017-6460",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in the reslist function in ntpq in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a long flagstr variable in a restriction list response.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 8.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 8.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 8.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2017-6460"
},
{
"cve": "CVE-2017-6462",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "description",
"text": "Buffer overflow in the legacy Datum Programmable Time Server (DPTS) refclock driver in NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via a crafted /dev/datum device.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "LOCAL",
"availabilityImpact": "HIGH",
"baseScore": 7.8,
"baseSeverity": "HIGH",
"confidentialityImpact": "HIGH",
"environmentalScore": 7.8,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 7.8,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2017-6462"
},
{
"cve": "CVE-2017-6463",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote authenticated users to cause a denial of service (daemon crash) via an invalid setting in a :config directive, related to the unpeer option.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2017-6463"
},
{
"cve": "CVE-2017-6464",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote attackers to cause a denial of service (ntpd crash) via a malformed mode configuration directive.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2017-6464"
},
{
"cve": "CVE-2018-12327",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which ntpq or ntpdc is used with a command line from an untrusted source.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2018-12327"
},
{
"cve": "CVE-2018-7182",
"cwe": {
"id": "CWE-125",
"name": "Out-of-bounds Read"
},
"notes": [
{
"category": "description",
"text": "The ctl_getitem method in ntpd in ntp-4.2.8p6 before 4.2.8p11 allows remote attackers to cause a denial of service (out-of-bounds read) via a crafted mode 6 packet with a ntpd instance from 4.2.8p6 through 4.2.8p10.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2018-7182"
},
{
"cve": "CVE-2018-7183",
"cwe": {
"id": "CWE-787",
"name": "Out-of-bounds Write"
},
"notes": [
{
"category": "description",
"text": "Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2018-7183"
},
{
"cve": "CVE-2018-7184",
"notes": [
{
"category": "description",
"text": "ntpd in ntp 4.2.8p4 before 4.2.8p11 drops bad packets before updating the \"received\" timestamp, which allows remote attackers to cause a denial of service (disruption) by sending a packet with a zero-origin timestamp causing the association to reset and setting the contents of the packet as the most recent timestamp. This issue is a result of an incomplete fix for CVE-2015-7704.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2018-7184"
},
{
"cve": "CVE-2018-7185",
"notes": [
{
"category": "description",
"text": "The protocol engine in ntp 4.2.6 before 4.2.8p11 allows a remote attackers to cause a denial of service (disruption) by continually sending a packet with a zero-origin timestamp and source IP address of the \"other side\" of an interleaved association causing the victim ntpd to reset its association.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2018-7185"
},
{
"cve": "CVE-2018-8956",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or control a slave in that broadcast network that can capture certain required packets on the attacker\u0027s behalf and send them to the attacker.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2018-8956"
},
{
"cve": "CVE-2019-8936",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "NTP through 4.2.8p12 has a NULL Pointer Dereference.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2019-8936"
},
{
"cve": "CVE-2020-11868",
"cwe": {
"id": "CWE-346",
"name": "Origin Validation Error"
},
"notes": [
{
"category": "description",
"text": "ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2020-11868"
},
{
"cve": "CVE-2020-13817",
"cwe": {
"id": "CWE-330",
"name": "Use of Insufficiently Random Values"
},
"notes": [
{
"category": "description",
"text": "ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service (daemon exit or system time change) by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path attacker who can query time from the victim\u0027s ntpd instance.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.4,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.4,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.4,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2020-13817"
},
{
"cve": "CVE-2020-15025",
"cwe": {
"id": "CWE-401",
"name": "Missing Release of Memory after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "ntpd in ntp 4.2.8 before 4.2.8p15 and 4.3.x before 4.3.101 allows remote attackers to cause a denial of service (memory consumption) by sending packets, because memory is not freed in situations where a CMAC key is used and associated with a CMAC algorithm in the ntp.keys file.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 4.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "HIGH",
"scope": "UNCHANGED",
"temporalScore": 4.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2020-15025"
},
{
"cve": "CVE-2015-7701",
"cwe": {
"id": "CWE-772",
"name": "Missing Release of Resource after Effective Lifetime"
},
"notes": [
{
"category": "description",
"text": "Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7701"
},
{
"cve": "CVE-2015-5300",
"notes": [
{
"category": "description",
"text": "The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-5300"
},
{
"cve": "CVE-2015-7853",
"cwe": {
"id": "CWE-120",
"name": "Buffer Copy without Checking Size of Input (\u0027Classic Buffer Overflow\u0027)"
},
"notes": [
{
"category": "description",
"text": "The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7853"
},
{
"cve": "CVE-2015-7705",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 9.8,
"baseSeverity": "CRITICAL",
"confidentialityImpact": "HIGH",
"environmentalScore": 9.8,
"environmentalSeverity": "CRITICAL",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 9.8,
"temporalSeverity": "CRITICAL",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7705"
},
{
"cve": "CVE-2015-7703",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "The \"pidfile\" or \"driftfile\" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "HIGH",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2015-7703"
},
{
"cve": "CVE-2016-7429",
"notes": [
{
"category": "description",
"text": "NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denial of service (prevent communication with a source) by sending a response for a source to an interface the source does not use.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"environmentalScore": 3.7,
"environmentalSeverity": "LOW",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 3.7,
"temporalSeverity": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-7429"
},
{
"cve": "CVE-2016-7428",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "description",
"text": "ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service (reject broadcast mode packets) via the poll interval in a broadcast packet.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "ADJACENT_NETWORK",
"availabilityImpact": "LOW",
"baseScore": 4.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 4.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 4.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:A/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-7428"
},
{
"cve": "CVE-2016-7426",
"cwe": {
"id": "CWE-400",
"name": "Uncontrolled Resource Consumption"
},
"notes": [
{
"category": "description",
"text": "NTP before 4.2.8p9 rate limits responses received from the configured sources when rate limiting for all associations is enabled, which allows remote attackers to cause a denial of service (prevent responses from the sources) by sending responses with a spoofed source address.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-7426"
},
{
"cve": "CVE-2016-4957",
"cwe": {
"id": "CWE-476",
"name": "NULL Pointer Dereference"
},
"notes": [
{
"category": "description",
"text": "ntpd in NTP before 4.2.8p8 allows remote attackers to cause a denial of service (daemon crash) via a crypto-NAK packet. NOTE: this vulnerability exists because of an incorrect fix for CVE-2016-1547.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 7.5,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.5,
"environmentalSeverity": "HIGH",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 7.5,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-4957"
},
{
"cve": "CVE-2016-4956",
"notes": [
{
"category": "description",
"text": "ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
"version": "3.1"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-4956"
},
{
"cve": "CVE-2016-2519",
"cwe": {
"id": "CWE-119",
"name": "Improper Restriction of Operations within the Bounds of a Memory Buffer"
},
"notes": [
{
"category": "description",
"text": "ntpd in NTP before 4.2.8p7 and 4.3.x before 4.3.92 allows remote attackers to cause a denial of service (ntpd abort) by a large request data value, which triggers the ctl_getitem function to return a NULL value.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.9,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.9,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 5.9,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-2519"
},
{
"cve": "CVE-2016-2516",
"cwe": {
"id": "CWE-20",
"name": "Improper Input Validation"
},
"notes": [
{
"category": "description",
"text": "NTP before 4.2.8p7 and 4.3.x before 4.3.92, when mode7 is enabled, allows remote attackers to cause a denial of service (ntpd abort) by using the same IP address multiple times in an unconfig directive.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "HIGH",
"baseScore": 5.3,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 5.3,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "NONE",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 5.3,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-2516"
},
{
"cve": "CVE-2016-1551",
"notes": [
{
"category": "description",
"text": "ntpd in NTP 4.2.8p3 and NTPsec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 relies on the underlying operating system to protect it from requests that impersonate reference clocks. Because reference clocks are treated like other peers and stored in the same structure, any packet with a source ip address of a reference clock (127.127.1.1 for example) that reaches the receive() function will match that reference clock\u0027s peer record and will be treated as a trusted peer. Any system that lacks the typical martian packet filtering which would block these packets is in danger of having its time controlled by an attacker.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "HIGH",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 3.7,
"baseSeverity": "LOW",
"confidentialityImpact": "NONE",
"environmentalScore": 3.7,
"environmentalSeverity": "LOW",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "UNCHANGED",
"temporalScore": 3.7,
"temporalSeverity": "LOW",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-1551"
},
{
"cve": "CVE-2016-1549",
"notes": [
{
"category": "description",
"text": "A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim\u0027s clock.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "NONE",
"baseScore": 6.5,
"baseSeverity": "MEDIUM",
"confidentialityImpact": "NONE",
"environmentalScore": 6.5,
"environmentalSeverity": "MEDIUM",
"integrityImpact": "HIGH",
"privilegesRequired": "LOW",
"scope": "UNCHANGED",
"temporalScore": 6.5,
"temporalSeverity": "MEDIUM",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-1549"
},
{
"cve": "CVE-2016-1548",
"notes": [
{
"category": "description",
"text": "An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer-\u003edst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.",
"title": "Vulnerability Description"
}
],
"product_status": {
"fixed": [
"CSAFPID-52001"
],
"known_affected": [
"CSAFPID-51001"
]
},
"remediations": [
{
"category": "mitigation",
"details": "1. If your SIMA2 does not need to provide time information to other systems or synchronize itself with an NTP server, disable the NTP client on those systems. Please note that the NTP client is disabled by default in SIMA2\n\n\n2. In case you must use the NTP server on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Allow NTP traffic to/from trusted NTP clients only\n\n- Monitor the network for malicious NTP traffic going to/coming from the SIMA2\n\n- Filter malicious NTP traffic going to/coming from the SIMA2 Monitor NTP server operations on your SIMA2 (server availability, correctness of advertised time, NTP-related log entries, etc.)\n\n\n3. In case you must use the NTP client on an SIMA2, choose from the following options to reduce NTP-based risks:\n\n- Use trusted NTP servers only\n\n- Allow NTP traffic to/from trusted NTP servers only\n\n- Monitor the network for malicious NTP traffic targeting the SIMA2\n\n- Filter malicious NTP traffic targeting the SIMA2\n\n- Monitor NTP client operations on your SIMA2 (correctness of system time, NTP-related log entries, etc.)",
"product_ids": [
"CSAFPID-51001"
]
},
{
"category": "vendor_fix",
"details": "Upgrade your\u00a0SIMA2 to software version 2.6 or above. The NTP service of the\u00a0SIMA2 Master Station with software version V2.6 and above includes a current, supported version of ntpd.",
"product_ids": [
"CSAFPID-51001"
]
}
],
"scores": [
{
"cvss_v3": {
"attackComplexity": "LOW",
"attackVector": "NETWORK",
"availabilityImpact": "LOW",
"baseScore": 7.2,
"baseSeverity": "HIGH",
"confidentialityImpact": "NONE",
"environmentalScore": 7.2,
"environmentalSeverity": "HIGH",
"integrityImpact": "LOW",
"privilegesRequired": "NONE",
"scope": "CHANGED",
"temporalScore": 7.2,
"temporalSeverity": "HIGH",
"userInteraction": "NONE",
"vectorString": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L",
"version": "3.0"
},
"products": [
"CSAFPID-51001"
]
}
],
"title": "CVE-2016-1548"
}
]
}
Loading…
Show additional events:
Loading…
Sightings
| Author | Source | Type | Date |
|---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or observed by the user.
- Confirmed: The vulnerability has been validated from an analyst's perspective.
- Published Proof of Concept: A public proof of concept is available for this vulnerability.
- Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
- Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
- Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
- Not confirmed: The user expressed doubt about the validity of the vulnerability.
- Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.
Loading…
Loading…