Family: Fedora Local Security Checks --> Category: infos
Fedora Core 3 2005-812: ntp Vulnerability Scan
Vulnerability Scan Summary
Check for the version of the ntp package
Detailed Explanation for this Vulnerability Test
The remote host is missing the patch for the advisory FEDORA-2005-812 (ntp).
The Network Time Protocol (NTP) is used to synchronize a computer's
time with another reference time source. The ntp package contains
utilities and daemons that will synchronize your computer's time to
Coordinated Universal Time (UTC) via the NTP protocol and NTP servers.
The ntp package includes ntpdate (a program for retrieving the date
and time from remote machines via a network) and ntpd (a daemon which
continuously adjusts system time).
Install the ntp package if you need tools for keeping your system's
time synchronized via the NTP protocol.
When starting xntpd with the -u option and specifying the
group by using a string not a numeric gid the daemon uses
the gid of the user not the group. This problem is now fixed
by this update.
The Common Vulnerabilities and Exposures project assigned
the name CVE-2005-2496 to this issue.
Solution : Get the newest Fedora Updates
Threat Level: High
Click HERE for more information and discussions on this network vulnerability scan.