Scan results showed a vulnerability (CVE-2009-1252) in ntpd 4.2.0 on all the Juniper equipment we have, which is resolved in other versions like 4.2.5. This vulnerability can cause DoS when autokey and OpenSSL are enabled. After checking the KB section, I found that Junos is not concerned by this vulnerability, as described in KB21459, because the autokey security model is disabled by default. All equipment is on the recommended release.
How can I prove this to the audit organisation? Can I get the ntp.conf file inside Junos?
KB: https://kb.juniper.net/InfoCenter/index?page=content&id=KB21459&smlogin=true&actp=search
CVE: http://cve.mitre.org/cgi-bin/cvename.cgi?name=cve-2009-1252
Juniper products: SRX650, SRX240, EX2200, EX3300 and EX4200
For these types of audit, providing a copy of the KB article you link to is typically sufficient, as it demonstrates that the vulnerability has been remediated.
Even if it is for PCI DSS?
Yes, this scan is basically a false positive. The KB article describes how the remediation for the vulnerability has been applied and thus supports the response to the reported hit.
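For supporting evidence beyond the KB article, the check below is an added example (not from any poster in this thread and not Juniper code) that scans ntpd configuration text for the standard ntp.conf directives that turn on Autokey: a `crypto` line, or the `autokey` option on a `server`, `peer`, `broadcast` or `manycastclient` line. It assumes you already have the daemon's configuration as text; the sample configurations and the function name are constructed for illustration.

```python
# ntp.conf association commands that accept the "autokey" option
ASSOC_COMMANDS = {"server", "peer", "broadcast", "manycastclient"}


def autokey_findings(conf_text):
    """Return (line_number, directive) pairs that enable Autokey."""
    findings = []
    for number, raw in enumerate(conf_text.splitlines(), 1):
        line = raw.split("#", 1)[0].strip()  # ignore comments and blank lines
        if not line:
            continue
        tokens = line.split()
        command = tokens[0].lower()
        # tokens[1] is the address, so options start at tokens[2]
        options = [t.lower() for t in tokens[2:]]
        if command == "crypto":
            findings.append((number, line))
        elif command in ASSOC_COMMANDS and "autokey" in options:
            findings.append((number, line))
    return findings


# Constructed sample: symmetric-key authentication only, no Autokey
SAMPLE_NO_AUTOKEY = "\n".join([
    "# constructed sample, not taken from a real device",
    "server 192.0.2.10 prefer",
    "server 192.0.2.11 key 5   # symmetric key, not Autokey",
    "keys /etc/ntp.keys",
    "trustedkey 5",
])

# Constructed sample: Autokey enabled (the precondition named in the CVE)
SAMPLE_AUTOKEY = "\n".join([
    "crypto pw examplepass",
    "server 192.0.2.10 autokey",
    "# server 192.0.2.12 autokey",
])

if __name__ == "__main__":
    for name, text in (("no-autokey", SAMPLE_NO_AUTOKEY),
                       ("autokey", SAMPLE_AUTOKEY)):
        hits = autokey_findings(text)
        print(name, "-> Autokey directives:", hits if hits else "none")
```

An empty result, kept alongside the KB article and the device's software version, shows the auditor that the precondition for the CVE is absent.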