drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Pufferüberlauf in ntp
Name: |
Pufferüberlauf in ntp |
|
ID: |
TLSA-2009-17 |
|
Distribution: |
TurboLinux |
|
Plattformen: |
Turbolinux Client 2008, Turbolinux FUJI, Turbolinux 10 Server, Turbolinux 10 Server x64 Edition, Turbolinux Appliance Server 2.0, Turbolinux 11 Server x64 Edition, Turbolinux 11 Server, Turbolinux Appliance Server 3.0, Turbolinux Appliance Server 3.0 x64 Edition |
|
Datum: |
Di, 9. Juni 2009, 03:50 |
|
Referenzen: |
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159 |
|
Applikationen: |
NTP |
|
Originalnachricht |
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
-------------------------------------------------------------------------- Turbolinux Security Advisory TLSA-2009-17 http://www.turbolinux.co.jp/security/ security-team@turbolinux.co.jp --------------------------------------------------------------------------
Original released date: 08 Jun 2009 Last revised: 08 Jun 2009
Package: ntp
Summary: Stack-based buffer overflow in ntp
More information: The Network Time Protocol (NTP) is used to synchronize the time of a computer client or server to another server or reference time source, such as a radio or satellite receiver or modem.
Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response. (CVE-2009-0159)
Affected Products: - Turbolinux Client 2008 - Turbolinux Appliance Server 3.0 x64 Edition - Turbolinux Appliance Server 3.0 - Turbolinux 11 Server x64 Edition - Turbolinux 11 Server - Turbolinux Appliance Server 2.0 - Turbolinux FUJI - Turbolinux 10 Server x64 Edition - Turbolinux 10 Server
<Turbolinux Client 2008>
Source Packages Size: MD5
ntp-4.2.4p3-6.src.rpm 3440367 311a060a5e0b7e75b6e9f85019d41f6c
Binary Packages Size: MD5
ntp-4.2.4p3-6.i586.rpm 1204985 d537853b4af887a3b755931f61dff64a
<Turbolinux Appliance Server 3.0 x64 Edition>
Source Packages Size: MD5
ntp-4.2.4p3-4.src.rpm 3447067 f5c809425cbc78c4a392e239f8828c4a
Binary Packages Size: MD5
ntp-4.2.4p3-4.x86_64.rpm 1228879 a23f3b53a6c23b7b5d18bd7d70a5d7d2 ntp-server-4.2.4p3-4.x86_64.rpm 245711 cf7a6ec4cfc2359878ebc78b9906fc1e
<Turbolinux Appliance Server 3.0>
Source Packages Size: MD5
ntp-4.2.4p3-4.src.rpm 3447067 f5c809425cbc78c4a392e239f8828c4a
Binary Packages Size: MD5
ntp-4.2.4p3-4.i686.rpm 1208884 a6b16af92fe895fc1cc97ee72f4e1713 ntp-server-4.2.4p3-4.i686.rpm 240866 b1e8bf630137d136e34d065d85ab4b87
<Turbolinux 11 Server x64 Edition>
Source Packages Size: MD5
ntp-4.2.4p3-4.src.rpm 3439312 567a351192efa1c2710d4ed50fe3b45f
Binary Packages Size: MD5
ntp-4.2.4p3-4.x86_64.rpm 1228879 a23f3b53a6c23b7b5d18bd7d70a5d7d2 ntp-server-4.2.4p3-4.x86_64.rpm 245711 cf7a6ec4cfc2359878ebc78b9906fc1e
<Turbolinux 11 Server>
Source Packages Size: MD5
ntp-4.2.4p3-4.src.rpm 3447067 f5c809425cbc78c4a392e239f8828c4a
Binary Packages Size: MD5
ntp-4.2.4p3-4.i686.rpm 1208884 a6b16af92fe895fc1cc97ee72f4e1713 ntp-server-4.2.4p3-4.i686.rpm 240866 b1e8bf630137d136e34d065d85ab4b87
<Turbolinux Appliance Server 2.0>
Source Packages Size: MD5
ntp-4.2.0-11.src.rpm 2540976 acd1a94ba2acefcfa5b609c2c6daac9d
Binary Packages Size: MD5
ntp-4.2.0-11.i586.rpm 1017267 a1b5846126bc11a697a378a8948673ea ntp-server-4.2.0-11.i586.rpm 190192 7f349b62d74576317baacd2ec61d4440
<Turbolinux FUJI>
Source Packages Size: MD5
ntp-4.2.0-11.src.rpm 2531382 a3b626a52b426eea7c0046efb2b4eda5
Binary Packages Size: MD5
ntp-4.2.0-11.i686.rpm 1131445 459121f758a616a604930ed561d79415
<Turbolinux 10 Server x64 Edition>
Source Packages Size: MD5
ntp-4.2.0-11.src.rpm 2525333 2d224db5ba308c82e35e62acd60afded
Binary Packages Size: MD5
ntp-4.2.0-11.x86_64.rpm 1032000 19645afd1a7a12da84f80f00edb5da0e ntp-debug-4.2.0-11.x86_64.rpm 1310017 5e83e2d8a0625228455e38d6fd1ecf7a ntp-server-4.2.0-11.x86_64.rpm 211991 5a6390ec2a74c36ae7a945804bc6bf4b
<Turbolinux Appliance Server 1.0 Workgroup Edition>
Source Packages Size: MD5
xntp3-5.93-20.src.rpm 1975993 8e20c830c52f8448e97ff7490df13577
Binary Packages Size: MD5
xntp3-5.93-20.i586.rpm 256797 c3eba171ffdef32771cece24418a757f xntp3-server-5.93-20.i586.rpm 90743 e2444d170c11061b76c71afcdc3bc5f2
<Turbolinux 10 Server>
Source Packages Size: MD5
ntp-4.2.0-11.src.rpm 2540976 acd1a94ba2acefcfa5b609c2c6daac9d
Binary Packages Size: MD5
ntp-4.2.0-11.i586.rpm 1017267 a1b5846126bc11a697a378a8948673ea ntp-debug-4.2.0-11.i586.rpm 1296626 d9441215c3b7e1faa82b7c4b233a1f4f ntp-server-4.2.0-11.i586.rpm 190192 7f349b62d74576317baacd2ec61d4440
References:
CVE [CVE-2009-0159] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0159
-------------------------------------------------------------------------- Revision History 08 Jun 2009 Initial release --------------------------------------------------------------------------
Copyright(C) 2009 Turbolinux, Inc. All rights reserved.
-----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.11 (GNU/Linux)
iEYEARECAAYFAkosmU4ACgkQK0LzjOqIJMyoIQCfVF7qHpmQgVB7BxosJZFaJq0F s2YAn2/JPQU7hfwfhuR0PNjVzckXm5p1 =UZxV -----END PGP SIGNATURE-----
|
|
|
|