Slackware Advisory SSA:2009-343-01 Ntp Network Vulnerability

Summary

The remote host is missing an update as announced via advisory SSA:2009-343-01.

Solution

https://secure1.securityspace.com/smysecure/catid.html?in=SSA:2009-343-01

Insight

New ntp packages are available for Slackware 8.1, 9.0, 9.1, 10.0, 10.1, 10.2, 11.0, 12.0, 12.1, 12.2, 13.0, and -current to fix a security issue. If a spoofed mode 7 packet is sent to a vulnerable NTP daemon it may cause CPU and/or disk space exhaustion, resulting in a denial of service. More details about this issue may be found in the Common Vulnerabilities and Exposures (CVE) database: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563

Severity

Classification

CVE CVE-2009-3563
CVSS Base Score: 6.4
AV:N/AC:L/Au:N/C:N/I:P/A:P

Related Vulnerabilities

Slackware Advisory SSA:2006-207-03 gimp
Slackware Advisory SSA:2005-311-01 elm mailer
Slackware Advisory SSA:2006-257-01 bind DoS
Slackware Advisory SSA:2003-141-01 EPIC4 security fixes
Slackware Advisory SSA:2003-141-06a REVISED quotacheck security fix in rc.M

Slackware Advisory SSA:2009-343-01 ntp

Take action and discover your vulnerabilities