oval:org.mitre.oval:def:28264

Definition Id: oval:org.mitre.oval:def:28264
 
Oval ID: oval:org.mitre.oval:def:28264
Title: USN-2449-1 -- NTP vulnerabilities
Description: Neel Mehta discovered that NTP generated weak authentication keys. A remote attacker could possibly use this issue to brute force the authentication key and send requests if permitted by IP restrictions. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-9293">CVE-2014-9293</a>) Stephen Roettger discovered that NTP generated weak MD5 keys. A remote attacker could possibly use this issue to brute force the MD5 key and spoof a client or server. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-9294">CVE-2014-9294</a>) Stephen Roettger discovered that NTP contained buffer overflows in the crypto_recv(), ctl_putdata() and configure() functions. In non-default configurations, a remote attacker could use these issues to cause NTP to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service. In addition, attackers would be isolated by the NTP AppArmor profile. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-9295">CVE-2014-9295</a>) Stephen Roettger discovered that NTP incorrectly continued processing when handling certain errors. (<a href="http://people.ubuntu.com/~ubuntu-security/cve/CVE-2014-9296">CVE-2014-9296</a>)
Family: unix Class: patch
Reference(s): USN-2449-1
CVE-2014-9293
CVE-2014-9294
CVE-2014-9295
CVE-2014-9296
Version: 3
Platform(s): Ubuntu 14.10
Ubuntu 14.04
Ubuntu 12.04
Ubuntu 10.04
Product(s): ntp
Definition Synopsis:
Definition Id: oval:org.mitre.oval:def:13089
 
Oval ID: oval:org.mitre.oval:def:13089
Title: Ubuntu 10.04 is installed
Description: Ubuntu 10.04 is installed
Family: unix Class: inventory
Reference(s): cpe:/o:canonical:ubuntu_linux:10.04
Version: 5
Platform(s): Ubuntu 10.04
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:28264
Definition Id: oval:org.mitre.oval:def:27174
 
Oval ID: oval:org.mitre.oval:def:27174
Title: Ubuntu 14.10 is installed
Description: Ubuntu 14.10 is installed
Family: unix Class: inventory
Reference(s): cpe:/o:canonical:ubuntu_linux:14.10
Version: 5
Platform(s): Ubuntu 14.10
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:28264
Definition Id: oval:org.mitre.oval:def:24421
 
Oval ID: oval:org.mitre.oval:def:24421
Title: Ubuntu 14.04 is installed
Description: Ubuntu 14.04 is installed
Family: unix Class: inventory
Reference(s): cpe:/o:canonical:ubuntu_linux:14.04
Version: 5
Platform(s): Ubuntu 14.04
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:28264
Definition Id: oval:org.mitre.oval:def:15824
 
Oval ID: oval:org.mitre.oval:def:15824
Title: Ubuntu 12.04 is installed
Description: Ubuntu 12.04 is installed
Family: unix Class: inventory
Reference(s): cpe:/o:canonical:ubuntu_linux:12.04
Version: 5
Platform(s): Ubuntu 12.04
Product(s):
Definition Synopsis:
Referenced By:
oval:org.mitre.oval:def:28264