Package: ntp Version: 1:4.2.6.p5+dfsg-2 Severity: normal Tags: security Remotely exploitable, ntp user account only:
http://www.kb.cert.org/vuls/id/852879 Debian listed as unknown here, but the versions checks out as vulnerable: http://www.kb.cert.org/vuls/byvendor?searchview&Query=FIELD+Reference=852879&SearchOrder=4 http://support.ntp.org/bin/view/Main/SecurityNotice -- System Information: Debian Release: 7.7 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'stable'), (5, 'testing'), (2, 'unstable'), (1, 'experimental') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 3.17.0-trunk-amd64 (SMP w/8 CPU cores) Locale: LANG=en_AU.UTF-8, LC_CTYPE=en_AU.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages ntp depends on: ii adduser 3.113+nmu3 ii dpkg 1.17.13 ii libc6 2.19-12 ii libcap2 1:2.22-1.2 ii libedit2 2.11-20080614-5 ii libopts25 1:5.12-0.1 ii libssl1.0.0 1.0.1e-2+deb7u13 ii lsb-base 4.1+Debian8+deb7u1 ii netbase 5.0 Versions of packages ntp recommends: ii perl 5.20.1-2 Versions of packages ntp suggests: pn ntp-doc <none> -- Configuration Files: /etc/ntp.conf changed [not included] -- no debconf information -- debsums errors found: sh: 1: /usr/sbin/dpkg-divert: not found _______________________________________________ Secure-testing-team mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
