Test Kennung:	1.3.6.1.4.1.25623.1.0.882376
Kategorie:	CentOS Local Security Checks
Titel:	CentOS Update for ntp CESA-2016:0063 centos6
Zusammenfassung:	Check the version of ntp
Beschreibung:	Summary: Check the version of ntp Vulnerability Insight: The Network Time Protocol (NTP) is used to synchronize a computer's time with a referenced time source. It was discovered that ntpd as a client did not correctly check the originate timestamp in received packets. A remote attacker could use this flaw to send a crafted packet to an ntpd client that would effectively disable synchronization with the server, or push arbitrary offset/delay measurements to modify the time on the client. (CVE-2015-8138) All ntp users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the update, the ntpd daemon will restart automatically. Affected Software/OS: ntp on CentOS 6 Solution: Please Install the Updated Packages. CVSS Score: 5.0 CVSS Vector: AV:N/AC:L/Au:N/C:N/I:P/A:N
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2015-8138 BugTraq ID: 81811 http://www.securityfocus.com/bid/81811 CERT/CC vulnerability note: VU#718152 https://www.kb.cert.org/vuls/id/718152 Cisco Security Advisory: 20160120 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd Cisco Security Advisory: 20160428 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd Cisco Security Advisory: 20161123 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: November 2016 https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd Debian Security Information: DSA-3629 (Google Search) http://www.debian.org/security/2016/dsa-3629 http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html FreeBSD Security Advisory: FreeBSD-SA-16:09 https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc https://security.gentoo.org/glsa/201607-15 https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11 https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19 RedHat Security Advisories: RHSA-2016:0063 http://rhn.redhat.com/errata/RHSA-2016-0063.html http://www.securitytracker.com/id/1034782 SuSE Security Announcement: SUSE-SU-2016:1175 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html SuSE Security Announcement: SUSE-SU-2016:1177 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html SuSE Security Announcement: SUSE-SU-2016:1247 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html SuSE Security Announcement: SUSE-SU-2016:1311 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html SuSE Security Announcement: SUSE-SU-2016:1912 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html SuSE Security Announcement: SUSE-SU-2016:2094 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html SuSE Security Announcement: openSUSE-SU-2016:1292 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html SuSE Security Announcement: openSUSE-SU-2016:1423 (Google Search) http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html http://www.ubuntu.com/usn/USN-3096-1
Copyright	Copyright (C) 2016 Greenbone AG

Dies ist nur einer von 146377 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.