Oracle Linux Local Security Checks : Oracle: Security Advisory (ELSA-2014-2025)

Búsqueda de Vulnerabilidad		Buscar 324607 Descripciones CVE y 146377 Descripciones de Pruebas, accesos 10,000+ referencias cruzadas.
	Pruebas CVE Todos

ID de Prueba: 1.3.6.1.4.1.25623.1.0.123209

Categoría: Oracle Linux Local Security Checks

Título: Oracle: Security Advisory (ELSA-2014-2025)

Resumen: The remote host is missing an update for the 'ntp' package(s) announced via the ELSA-2014-2025 advisory.

Descripción: Summary:
The remote host is missing an update for the 'ntp' package(s) announced via the ELSA-2014-2025 advisory.

Vulnerability Insight:
[4.2.2p1-18.el5]
- don't generate weak control key for resolver (CVE-2014-9293)
- don't generate weak MD5 keys in ntp-keygen (CVE-2014-9294)
- fix buffer overflows via specially-crafted packets (CVE-2014-9295)

Affected Software/OS:
'ntp' package(s) on Oracle Linux 5.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Referencia Cruzada: Common Vulnerability Exposure (CVE) ID: CVE-2014-9293
BugTraq ID: 71757
http://www.securityfocus.com/bid/71757
CERT/CC vulnerability note: VU#852879
http://www.kb.cert.org/vuls/id/852879
Cisco Security Advisory: 20141222 Multiple Vulnerabilities in ntpd Affecting Cisco Products
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd
HPdes Security Advisory: HPSBGN03277
http://marc.info/?l=bugtraq&m=142590659431171&w=2
HPdes Security Advisory: HPSBOV03505
http://marc.info/?l=bugtraq&m=144182594518755&w=2
HPdes Security Advisory: HPSBPV03266
http://marc.info/?l=bugtraq&m=142469153211996&w=2
HPdes Security Advisory: HPSBUX03240
http://marc.info/?l=bugtraq&m=142853370924302&w=2
HPdes Security Advisory: SSRT101872
http://www.mandriva.com/security/advisories?name=MDVSA-2015:003
https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8
RedHat Security Advisories: RHSA-2014:2025
http://rhn.redhat.com/errata/RHSA-2014-2025.html
RedHat Security Advisories: RHSA-2015:0104
http://rhn.redhat.com/errata/RHSA-2015-0104.html
http://secunia.com/advisories/62209
Common Vulnerability Exposure (CVE) ID: CVE-2014-9294
BugTraq ID: 71762
http://www.securityfocus.com/bid/71762
Common Vulnerability Exposure (CVE) ID: CVE-2014-9295
BugTraq ID: 71761
http://www.securityfocus.com/bid/71761
SuSE Security Announcement: openSUSE-SU-2014:1670 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00020.html

Copyright Copyright (C) 2015 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa.
Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.

ID de Prueba:	1.3.6.1.4.1.25623.1.0.123209
Categoría:	Oracle Linux Local Security Checks
Título:	Oracle: Security Advisory (ELSA-2014-2025)
Resumen:	The remote host is missing an update for the 'ntp' package(s) announced via the ELSA-2014-2025 advisory.
Descripción:	Summary: The remote host is missing an update for the 'ntp' package(s) announced via the ELSA-2014-2025 advisory. Vulnerability Insight: [4.2.2p1-18.el5] - don't generate weak control key for resolver (CVE-2014-9293) - don't generate weak MD5 keys in ntp-keygen (CVE-2014-9294) - fix buffer overflows via specially-crafted packets (CVE-2014-9295) Affected Software/OS: 'ntp' package(s) on Oracle Linux 5. Solution: Please install the updated package(s). CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2014-9293 BugTraq ID: 71757 http://www.securityfocus.com/bid/71757 CERT/CC vulnerability note: VU#852879 http://www.kb.cert.org/vuls/id/852879 Cisco Security Advisory: 20141222 Multiple Vulnerabilities in ntpd Affecting Cisco Products https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd HPdes Security Advisory: HPSBGN03277 http://marc.info/?l=bugtraq&m=142590659431171&w=2 HPdes Security Advisory: HPSBOV03505 http://marc.info/?l=bugtraq&m=144182594518755&w=2 HPdes Security Advisory: HPSBPV03266 http://marc.info/?l=bugtraq&m=142469153211996&w=2 HPdes Security Advisory: HPSBUX03240 http://marc.info/?l=bugtraq&m=142853370924302&w=2 HPdes Security Advisory: SSRT101872 http://www.mandriva.com/security/advisories?name=MDVSA-2015:003 https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8 RedHat Security Advisories: RHSA-2014:2025 http://rhn.redhat.com/errata/RHSA-2014-2025.html RedHat Security Advisories: RHSA-2015:0104 http://rhn.redhat.com/errata/RHSA-2015-0104.html http://secunia.com/advisories/62209 Common Vulnerability Exposure (CVE) ID: CVE-2014-9294 BugTraq ID: 71762 http://www.securityfocus.com/bid/71762 Common Vulnerability Exposure (CVE) ID: CVE-2014-9295 BugTraq ID: 71761 http://www.securityfocus.com/bid/71761 SuSE Security Announcement: openSUSE-SU-2014:1670 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2014-12/msg00020.html
Copyright	Copyright (C) 2015 Greenbone AG