FreeBSD Security Advisory (FreeBSD-SA-09:11.ntpd.asc) Network Vulnerability

Summary

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:11.ntpd.asc

Solution

Upgrade your system to the appropriate stable release or security branch dated after the correction date https://secure1.securityspace.com/smysecure/catid.html?in=FreeBSD-SA-09:11.ntpd.asc

Insight

The ntpd(8) daemon is an implementation of the Network Time Protocol (NTP) used to synchronize the time of a computer system to a reference time source. Autokey is a security model for authenticating Network Time Protocol (NTP) servers to clients, using public key cryptography. The ntpd(8) daemon is prone to a stack-based buffer-overflow when it is configured to use the 'autokey' security model.

Severity

Classification

CVE CVE-2009-1252
CVSS Base Score: 6.8
AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

FreeBSD Ports: apache+ssl
FreeBSD Ports: asterisk14
FreeBSD Ports: bugzilla
FreeBSD Ports: apache
django -- multiple vulnerabilities

Take action and discover your vulnerabilities