Executive Summary

Summary
Title HP-UX Running XNTP, Remote Denial of Service (DoS) and Execution of Arbitrary Code
Informations
Name HPSBUX02859 SSRT101144 First vendor Publication 2013-03-27
Vendor HP Last vendor Modification 2013-05-14
Severity (Vendor) N/A Revision N/A

Security-Database Scoring CVSS v3

Cvss vector : N/A
Overall CVSS Score NA
Base Score NA Environmental Score NA
impact SubScore NA Temporal Score NA
Exploitabality Sub Score NA
 
Calculate full CVSS 3.0 Vectors scores

Security-Database Scoring CVSS v2

Cvss vector : (AV:N/AC:M/Au:N/C:P/I:P/A:P)
Cvss Base Score 6.8 Attack Range Network
Cvss Impact Score 6.4 Attack Complexity Medium
Cvss Expoit Score 8.6 Authentication None Required
Calculate full CVSS 2.0 Vectors scores

Detail

A potential security vulnerability has been identified with HP-UX running XNTP. The vulnerability could be exploited remotely to create a Denial of Service (DoS) or execute arbitrary code.

Original Source

Url : http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c03714526

CWE : Common Weakness Enumeration

% Id Name
100 % CWE-119 Failure to Constrain Operations within the Bounds of a Memory Buffer

OVAL Definitions

Definition Id: oval:org.mitre.oval:def:11225
 
Oval ID: oval:org.mitre.oval:def:11225
Title: ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
Description: ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3563
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12141
 
Oval ID: oval:org.mitre.oval:def:12141
Title: AIX xntpd denial-of-service vulnerability
Description: ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3563
Version: 3
Platform(s): IBM AIX 5.3
IBM AIX 6.1
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:12783
 
Oval ID: oval:org.mitre.oval:def:12783
Title: DSA-1992-1 chrony -- several
Description: Several vulnerabilities have been discovered in chrony, a pair of programs which are used to maintain the accuracy of the system clock on a computer. This issues are similar to the NTP security flaw CVE-2009-3563. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0292 chronyd replies to all cmdmon packets with NOHOSTACCESS messages even for unauthorised hosts. An attacker can abuse this behaviour to force two chronyd instances to play packet ping-pong by sending such a packet with spoofed source address and port. This results in high CPU and network usage and thus denial of service conditions. CVE-2010-0293 The client logging facility of chronyd doesn't limit memory that is used to store client information. An attacker can cause chronyd to allocate large amounts of memory by sending NTP or cmdmon packets with spoofed source addresses resulting in memory exhaustion. CVE-2010-0294 chronyd lacks of a rate limit control to the syslog facility when logging received packets from unauthorised hosts. This allows an attacker to cause denial of service conditions via filling up the logs and thus disk space by repeatedly sending invalid cmdmon packets. For the oldstable distribution, this problem has been fixed in version 1.21z-5+etch1. For the stable distribution, this problem has been fixed in version 1.23-6+lenny1. For the testing and unstable distribution, this problem will be fixed soon. We recommend that you upgrade your chrony packages.
Family: unix Class: patch
Reference(s): DSA-1992-1
CVE-2010-0292
CVE-2010-0293
CVE-2010-0294
CVE-2009-3563
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
Product(s): chrony
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13488
 
Oval ID: oval:org.mitre.oval:def:13488
Title: USN-867-1 -- ntp vulnerability
Description: Robin Park and Dmitri Vinokurov discovered a logic error in ntpd. A remote attacker could send a crafted NTP mode 7 packet with a spoofed IP address of an affected server and cause a denial of service via CPU and disk resource consumption.
Family: unix Class: patch
Reference(s): USN-867-1
CVE-2009-3563
Version: 5
Platform(s): Ubuntu 8.04
Ubuntu 8.10
Ubuntu 9.10
Ubuntu 6.06
Ubuntu 9.04
Product(s): ntp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:17673
 
Oval ID: oval:org.mitre.oval:def:17673
Title: DSA-1948-1 ntp - denial of service
Description: Robin Park and Dmitri Vinokurov discovered that the daemon component of the ntp package, a reference implementation of the NTP protocol, is not properly reacting to certain incoming packets.
Family: unix Class: patch
Reference(s): DSA-1948-1
CVE-2009-3563
Version: 5
Platform(s): Debian GNU/Linux 4.0
Debian GNU/Linux 5.0
Product(s): ntp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19376
 
Oval ID: oval:org.mitre.oval:def:19376
Title: HP-UX Running XNTP, Remote Denial of Service (DoS) and Execution of Arbitrary Code
Description: ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3563
Version: 9
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:19392
 
Oval ID: oval:org.mitre.oval:def:19392
Title: HP-UX Running XNTP, Remote Denial of Service (DoS) and Execution of Arbitrary Code
Description: Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0159
Version: 9
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:23033
 
Oval ID: oval:org.mitre.oval:def:23033
Title: ELSA-2009:1648: ntp security update (Moderate)
Description: ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
Family: unix Class: patch
Reference(s): ELSA-2009:1648-01
CVE-2009-3563
Version: 6
Platform(s): Oracle Linux 5
Product(s): ntp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:29266
 
Oval ID: oval:org.mitre.oval:def:29266
Title: RHSA-2009:1648 -- ntp security update (Moderate)
Description: An updated ntp package that fixes a security issue is now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team.
Family: unix Class: patch
Reference(s): RHSA-2009:1648
CESA-2009:1648-CentOS 5
CVE-2009-3563
Version: 3
Platform(s): Red Hat Enterprise Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Product(s): ntp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:5411
 
Oval ID: oval:org.mitre.oval:def:5411
Title: HP-UX Running XNTP, Remote Execution of Arbitrary Code
Description: Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0159
Version: 11
Platform(s): HP-UX 11
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7076
 
Oval ID: oval:org.mitre.oval:def:7076
Title: NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability
Description: ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
Family: unix Class: vulnerability
Reference(s): CVE-2009-3563
Version: 5
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7310
 
Oval ID: oval:org.mitre.oval:def:7310
Title: DSA-1992 chrony -- several vulnerabilities
Description: Several vulnerabilities have been discovered in chrony, a pair of programs which are used to maintain the accuracy of the system clock on a computer. This issues are similar to the NTP security flaw CVE-2009-3563. The Common Vulnerabilities and Exposures project identifies the following problems: chronyd replies to all cmdmon packets with NOHOSTACCESS messages even for unauthorised hosts. An attacker can abuse this behaviour to force two chronyd instances to play packet ping-pong by sending such a packet with spoofed source address and port. This results in high CPU and network usage and thus denial of service conditions. The client logging facility of chronyd doesn’t limit memory that is used to store client information. An attacker can cause chronyd to allocate large amounts of memory by sending NTP or cmdmon packets with spoofed source addresses resulting in memory exhaustion. chronyd lacks of a rate limit control to the syslog facility when logging received packets from unauthorised hosts. This allows an attacker to cause denial of service conditions via filling up the logs and thus disk space by repeatedly sending invalid cmdmon packets.
Family: unix Class: patch
Reference(s): DSA-1992
CVE-2010-0292
CVE-2010-0293
CVE-2010-0294
CVE-2009-3563
Version: 5
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
Product(s): chrony
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:7379
 
Oval ID: oval:org.mitre.oval:def:7379
Title: DSA-1948 ntp -- denial of service
Description: Robin Park and Dmitri Vinokurov discovered that the daemon component of the ntp package, a reference implementation of the NTP protocol, is not properly reacting to certain incoming packets. An unexpected NTP mode 7 packet with spoofed IP data can lead ntpd to reply with a mode 7 response to the spoofed address. This may result in the service playing packet ping-pong with other ntp servers or even itself which causes CPU usage and excessive disk use due to logging. An attacker can use this to conduct denial of service attacks.
Family: unix Class: patch
Reference(s): DSA-1948
CVE-2009-3563
Version: 7
Platform(s): Debian GNU/Linux 5.0
Debian GNU/Linux 4.0
Product(s): ntp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8386
 
Oval ID: oval:org.mitre.oval:def:8386
Title: VMware ntpq stack-based buffer overflow vulnerability
Description: Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0159
Version: 4
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:8665
 
Oval ID: oval:org.mitre.oval:def:8665
Title: VMware ntpd stack-based buffer overflow vulnerability
Description: Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0159
Version: 4
Platform(s): VMWare ESX Server 4.0
Product(s):
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:9634
 
Oval ID: oval:org.mitre.oval:def:9634
Title: Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.
Description: Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.
Family: unix Class: vulnerability
Reference(s): CVE-2009-0159
Version: 5
Platform(s): Red Hat Enterprise Linux 3
CentOS Linux 3
Red Hat Enterprise Linux 4
CentOS Linux 4
Oracle Linux 4
Red Hat Enterprise Linux 5
CentOS Linux 5
Oracle Linux 5
Product(s):
Definition Synopsis:

CPE : Common Platform Enumeration

TypeDescriptionCount
Application 52

OpenVAS Exploits

Date Description
2012-04-16 Name : VMSA-2010-0009: ESXi utilities and ESX Service Console third party updates
File : nvt/gb_VMSA-2010-0009.nasl
2011-08-09 Name : CentOS Update for ntp CESA-2009:1651 centos3 i386
File : nvt/gb_CESA-2009_1651_ntp_centos3_i386.nasl
2011-08-09 Name : CentOS Update for ntp CESA-2009:1648 centos5 i386
File : nvt/gb_CESA-2009_1648_ntp_centos5_i386.nasl
2011-08-09 Name : CentOS Update for ntp CESA-2009:1648 centos4 i386
File : nvt/gb_CESA-2009_1648_ntp_centos4_i386.nasl
2011-08-09 Name : CentOS Update for ntp CESA-2009:1039 centos5 i386
File : nvt/gb_CESA-2009_1039_ntp_centos5_i386.nasl
2011-06-06 Name : HP-UX Update for XNTP HPSBUX02639
File : nvt/gb_hp_ux_HPSBUX02639.nasl
2010-05-12 Name : Mac OS X 10.5.7 Update / Mac OS X Security Update 2009-002
File : nvt/macosx_upd_10_5_7_secupd_2009-002.nasl
2010-02-10 Name : Debian Security Advisory DSA 1992-1 (chrony)
File : nvt/deb_1992_1.nasl
2010-01-11 Name : FreeBSD Security Advisory (FreeBSD-SA-10:02.ntpd.asc)
File : nvt/freebsdsa_ntpd2.nasl
2010-01-07 Name : Gentoo Security Advisory GLSA 201001-01 (ntp)
File : nvt/glsa_201001_01.nasl
2009-12-15 Name : NTP mode 7 MODE_PRIVATE Packet Remote Denial of Service Vulnerability
File : nvt/ntp_37255.nasl
2009-12-14 Name : Fedora Core 11 FEDORA-2009-13090 (ntp)
File : nvt/fcore_2009_13090.nasl
2009-12-14 Name : Fedora Core 10 FEDORA-2009-13121 (ntp)
File : nvt/fcore_2009_13121.nasl
2009-12-14 Name : CentOS Security Advisory CESA-2009:1648 (ntp)
File : nvt/ovcesa2009_1648.nasl
2009-12-14 Name : CentOS Security Advisory CESA-2009:1651 (ntp)
File : nvt/ovcesa2009_1651.nasl
2009-12-14 Name : Debian Security Advisory DSA 1948-1 (ntp)
File : nvt/deb_1948_1.nasl
2009-12-14 Name : Fedora Core 12 FEDORA-2009-13046 (ntp)
File : nvt/fcore_2009_13046.nasl
2009-12-14 Name : RedHat Security Advisory RHSA-2009:1651
File : nvt/RHSA_2009_1651.nasl
2009-12-14 Name : RedHat Security Advisory RHSA-2009:1648
File : nvt/RHSA_2009_1648.nasl
2009-12-10 Name : Mandriva Security Advisory MDVSA-2009:309 (ntp)
File : nvt/mdksa_2009_309.nasl
2009-11-17 Name : Mac OS X Version
File : nvt/macosx_version.nasl
2009-10-13 Name : SLES10: Security update for xntp
File : nvt/sles10_xntp.nasl
2009-10-13 Name : Solaris Update for usr/sbin/ntpq 141396-01
File : nvt/gb_solaris_141396_01.nasl
2009-10-11 Name : SLES11: Security update for ntp
File : nvt/sles11_ntp.nasl
2009-10-10 Name : SLES9: Security update for xntp
File : nvt/sles9p5049935.nasl
2009-09-23 Name : Solaris Update for usr/sbin/ntpq 141397-01
File : nvt/gb_solaris_141397_01.nasl
2009-09-23 Name : Solaris Update for ntpq 141910-01
File : nvt/gb_solaris_141910_01.nasl
2009-09-23 Name : Solaris Update for ntpq 141911-01
File : nvt/gb_solaris_141911_01.nasl
2009-08-03 Name : HP-UX Update for XNTP HPSBUX02437
File : nvt/gb_hp_ux_HPSBUX02437.nasl
2009-07-29 Name : Ubuntu USN-805-1 (ruby1.9)
File : nvt/ubuntu_805_1.nasl
2009-06-15 Name : SuSE Security Summary SUSE-SR:2009:011
File : nvt/suse_sr_2009_011.nasl
2009-06-05 Name : Gentoo Security Advisory GLSA 200905-08 (ntp)
File : nvt/glsa_200905_08.nasl
2009-06-05 Name : Fedora Core 9 FEDORA-2009-5275 (ntp)
File : nvt/fcore_2009_5275.nasl
2009-06-05 Name : Fedora Core 10 FEDORA-2009-5273 (ntp)
File : nvt/fcore_2009_5273.nasl
2009-06-05 Name : Ubuntu USN-776-2 (kvm)
File : nvt/ubuntu_776_2.nasl
2009-06-05 Name : Ubuntu USN-777-1 (ntp)
File : nvt/ubuntu_777_1.nasl
2009-05-25 Name : FreeBSD Ports: ntp
File : nvt/freebsd_ntp.nasl
2009-05-25 Name : CentOS Security Advisory CESA-2009:1039 (ntp)
File : nvt/ovcesa2009_1039.nasl
2009-05-25 Name : Debian Security Advisory DSA 1801-1 (ntp)
File : nvt/deb_1801_1.nasl
2009-05-20 Name : RedHat Security Advisory RHSA-2009:1040
File : nvt/RHSA_2009_1040.nasl
2009-05-20 Name : RedHat Security Advisory RHSA-2009:1039
File : nvt/RHSA_2009_1039.nasl
2009-04-30 Name : NTP Stack Buffer Overflow Vulnerability
File : nvt/secpod_ntp_bof_vuln.nasl
2009-04-15 Name : Mandrake Security Advisory MDVSA-2009:092 (ntp)
File : nvt/mdksa_2009_092.nasl
0000-00-00 Name : Slackware Advisory SSA:2009-343-01 ntp
File : nvt/esoft_slk_ssa_2009_343_01.nasl
0000-00-00 Name : Slackware Advisory SSA:2009-154-01 ntp
File : nvt/esoft_slk_ssa_2009_154_01.nasl

Open Source Vulnerability Database (OSVDB)

Id Description
60847 NTP ntpd Mode 7 Request Crafted Packet Reply Loop Remote DoS

NTP contains a flaw that may allow a remote denial of service. The issue is triggered when ntpd processes specially crafted MODE_PRIVATE packets, and will result in loss of availability for the service.
53593 NTP ntpq/ntpq.c cookedprint() Function Remote Overflow

Information Assurance Vulnerability Management (IAVM)

Date Description
2015-07-16 IAVM : 2015-A-0150 - Multiple Security Vulnerabilities in Juniper Networks CTPView
Severity : Category I - VMSKEY : V0061073
2015-05-21 IAVM : 2015-A-0113 - Multiple Vulnerabilities in Juniper Networks CTPOS
Severity : Category I - VMSKEY : V0060737

Snort® IPS/IDS

Date Description
2014-01-10 ntp mode 7 denial of service attempt
RuleID : 16350 - Revision : 7 - Type : SERVER-OTHER

Nessus® Vulnerability Scanner

Date Description
2016-03-08 Name : The remote VMware ESX / ESXi host is missing a security-related patch.
File : vmware_VMSA-2010-0009_remote.nasl - Type : ACT_GATHER_INFO
2016-03-08 Name : The remote VMware ESX host is missing a security-related patch.
File : vmware_VMSA-2010-0004_remote.nasl - Type : ACT_GATHER_INFO
2016-03-03 Name : The remote host is missing a security-related patch.
File : vmware_VMSA-2009-0016_remote.nasl - Type : ACT_GATHER_INFO
2016-01-28 Name : The remote device is missing a vendor-supplied security patch.
File : f5_bigip_SOL10905.nasl - Type : ACT_GATHER_INFO
2015-01-07 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2015-0001.nasl - Type : ACT_GATHER_INFO
2015-01-07 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2015-0002.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2009-0011.nasl - Type : ACT_GATHER_INFO
2014-11-26 Name : The remote OracleVM host is missing a security update.
File : oraclevm_OVMSA-2009-0036.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2009-1651.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2009-1648.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2009-1040.nasl - Type : ACT_GATHER_INFO
2013-07-12 Name : The remote Oracle Linux host is missing a security update.
File : oraclelinux_ELSA-2009-1039.nasl - Type : ACT_GATHER_INFO
2013-06-29 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2009-1040.nasl - Type : ACT_GATHER_INFO
2013-05-19 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_42470.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote AIX host is missing a security patch.
File : aix_IZ71614.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote AIX host is missing a security patch.
File : aix_IZ68659.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote AIX host is missing a security patch.
File : aix_IZ71071.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote AIX host is missing a security patch.
File : aix_IZ71093.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote AIX host is missing a security patch.
File : aix_IZ71613.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote AIX host is missing a security patch.
File : aix_IZ71608.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote AIX host is missing a security patch.
File : aix_IZ71611.nasl - Type : ACT_GATHER_INFO
2013-01-24 Name : The remote AIX host is missing a security patch.
File : aix_IZ71610.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20090518_ntp_on_SL4_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20090518_ntp_on_SL5_x.nasl - Type : ACT_GATHER_INFO
2012-08-01 Name : The remote Scientific Linux host is missing a security update.
File : sl_20091208_ntp_on_SL3_x.nasl - Type : ACT_GATHER_INFO
2011-04-04 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_41907.nasl - Type : ACT_GATHER_INFO
2011-04-04 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_41908.nasl - Type : ACT_GATHER_INFO
2011-04-04 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_41177.nasl - Type : ACT_GATHER_INFO
2010-10-11 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_xntp-6718.nasl - Type : ACT_GATHER_INFO
2010-06-01 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2010-0009.nasl - Type : ACT_GATHER_INFO
2010-05-19 Name : The remote AIX host is missing a vendor-supplied security patch.
File : aix_U832257.nasl - Type : ACT_GATHER_INFO
2010-03-05 Name : The remote VMware ESX host is missing one or more security-related patches.
File : vmware_VMSA-2010-0004.nasl - Type : ACT_GATHER_INFO
2010-02-25 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-201001-01.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1992.nasl - Type : ACT_GATHER_INFO
2010-02-24 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1948.nasl - Type : ACT_GATHER_INFO
2010-01-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_2_ntp-091215.nasl - Type : ACT_GATHER_INFO
2010-01-13 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_ntp-091211.nasl - Type : ACT_GATHER_INFO
2010-01-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_ntp-091221.nasl - Type : ACT_GATHER_INFO
2010-01-13 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_ntp-091211.nasl - Type : ACT_GATHER_INFO
2010-01-06 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2009-1039.nasl - Type : ACT_GATHER_INFO
2009-12-21 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12559.nasl - Type : ACT_GATHER_INFO
2009-12-21 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_xntp-6719.nasl - Type : ACT_GATHER_INFO
2009-12-14 Name : The remote network time service has a denial of service vulnerability.
File : ntpd_mode7_ping_pong_dos.nasl - Type : ACT_GATHER_INFO
2009-12-14 Name : The remote Fedora host is missing a security update.
File : fedora_2009-13121.nasl - Type : ACT_GATHER_INFO
2009-12-14 Name : The remote Fedora host is missing a security update.
File : fedora_2009-13090.nasl - Type : ACT_GATHER_INFO
2009-12-14 Name : The remote Fedora host is missing a security update.
File : fedora_2009-13046.nasl - Type : ACT_GATHER_INFO
2009-12-11 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2009-343-01.nasl - Type : ACT_GATHER_INFO
2009-12-09 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-328.nasl - Type : ACT_GATHER_INFO
2009-12-09 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2009-1648.nasl - Type : ACT_GATHER_INFO
2009-12-09 Name : The remote CentOS host is missing a security update.
File : centos_RHSA-2009-1651.nasl - Type : ACT_GATHER_INFO
2009-12-09 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-867-1.nasl - Type : ACT_GATHER_INFO
2009-12-09 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2009-1648.nasl - Type : ACT_GATHER_INFO
2009-12-09 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2009-1651.nasl - Type : ACT_GATHER_INFO
2009-12-04 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-309.nasl - Type : ACT_GATHER_INFO
2009-11-23 Name : The remote VMware ESXi / ESX host is missing one or more security-related pat...
File : vmware_VMSA-2009-0016.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 9 host is missing a security-related patch.
File : suse9_12415.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 11 host is missing one or more security updates.
File : suse_11_ntp-090508.nasl - Type : ACT_GATHER_INFO
2009-09-24 Name : The remote SuSE 10 host is missing a security-related patch.
File : suse_xntp-6232.nasl - Type : ACT_GATHER_INFO
2009-07-27 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_39872.nasl - Type : ACT_GATHER_INFO
2009-07-27 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_39871.nasl - Type : ACT_GATHER_INFO
2009-07-27 Name : The remote HP-UX host is missing a security-related patch.
File : hpux_PHNE_39873.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_1_ntp-090508.nasl - Type : ACT_GATHER_INFO
2009-07-21 Name : The remote openSUSE host is missing a security update.
File : suse_11_0_ntp-090508.nasl - Type : ACT_GATHER_INFO
2009-06-04 Name : The remote Slackware host is missing a security update.
File : Slackware_SSA_2009-154-01.nasl - Type : ACT_GATHER_INFO
2009-06-01 Name : The remote Fedora host is missing a security update.
File : fedora_2009-5275.nasl - Type : ACT_GATHER_INFO
2009-06-01 Name : The remote Fedora host is missing a security update.
File : fedora_2009-5273.nasl - Type : ACT_GATHER_INFO
2009-05-27 Name : The remote Gentoo host is missing one or more security-related patches.
File : gentoo_GLSA-200905-08.nasl - Type : ACT_GATHER_INFO
2009-05-26 Name : The remote FreeBSD host is missing a security-related update.
File : freebsd_pkg_4175c811f690489887c5755b3cf1bac6.nasl - Type : ACT_GATHER_INFO
2009-05-20 Name : The remote Debian host is missing a security-related update.
File : debian_DSA-1801.nasl - Type : ACT_GATHER_INFO
2009-05-20 Name : The remote openSUSE host is missing a security update.
File : suse_xntp-6231.nasl - Type : ACT_GATHER_INFO
2009-05-20 Name : The remote Ubuntu host is missing one or more security-related patches.
File : ubuntu_USN-777-1.nasl - Type : ACT_GATHER_INFO
2009-05-19 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2009-1039.nasl - Type : ACT_GATHER_INFO
2009-05-19 Name : The remote Red Hat host is missing a security update.
File : redhat-RHSA-2009-1040.nasl - Type : ACT_GATHER_INFO
2009-05-13 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_10_5_7.nasl - Type : ACT_GATHER_INFO
2009-05-13 Name : The remote host is missing a Mac OS X update that fixes various security issues.
File : macosx_SecUpd2009-002.nasl - Type : ACT_GATHER_INFO
2009-04-23 Name : The remote Mandriva Linux host is missing one or more security updates.
File : mandriva_MDVSA-2009-092.nasl - Type : ACT_GATHER_INFO

Alert History

If you want to see full details history, please login or register.
0
1
2
3
Date Informations
2013-05-15 21:20:35
  • Multiple Updates
2013-04-11 21:20:35
  • Multiple Updates
2013-04-11 21:18:53
  • Multiple Updates
2013-04-01 17:17:24
  • First insertion