Gentoo Security Advisory GLSA 201001-01 (ntp) Network Vulnerability

Summary

The remote host is missing updates announced in advisory GLSA 201001-01.

Solution

All NTP users should upgrade to the latest version: # emerge --sync # emerge --ask --oneshot --verbose '>=net-misc/ntp-4.2.4_p7-r1' http://www.securityspace.com/smysecure/catid.html?in=GLSA%20201001-01 http://bugs.gentoo.org/show_bug.cgi?id=290881

Insight

A Denial of Service condition in ntpd can cause excessive CPU or bandwidth consumption.

Severity

Classification

CVE CVE-2009-3563
CVSS Base Score: 6.4
AV:N/AC:L/Au:N/C:N/I:P/A:P

Related Vulnerabilities

Gentoo Security Advisory GLSA 200402-07 (clamav)
Gentoo Security Advisory GLSA 200408-18 (xine-lib)
Gentoo Security Advisory GLSA 200502-15 (PowerDNS)
Gentoo Security Advisory GLSA 200402-05 (phpmyadmin)
Gentoo Security Advisory GLSA 200403-08 (oftpd)

Take action and discover your vulnerabilities