ntp, ntpdate, sntp security update

🗓️ 06 Feb 2017 11:25:17Reported by CentOS ProjectType

centos

centos🔗 lists.centos.org👁 359 Views

NTP, NTPdate, SNTP security update for CentO

Reporter	Title	Published	Views	Family All 219
IBM Security Bulletins	Security Bulletin: Vulnerabilities in ntp affect PowerKVM	18 Jun 201801:35	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Security vulnerabilities fixed in IBM Security Privileged Identity Manager	16 Jun 201821:59	–	ibm
IBM Security Bulletins	Security Bulletin: Network Time Protocol (NTP) vulnerability in AIX which is used by IBM OS Images in IBM PureApplication Systems (CVE-2016-9310)	15 Jun 201807:08	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Security Guardium is affected by Using Components with Known Vulnerabilities	16 Jun 201822:03	–	ibm
IBM Security Bulletins	Security Bulletin: Fixes for Multiple Security Vulnerabilities in IBM Security Identity Manager Virtual Appliance available	16 Jun 201821:59	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple vulnerabilities in ntp affect IBM Flex System Manager (FSM)	18 Jun 201801:36	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in NTP affect IBM Flex System Chassis Management Module (CMM)	31 Jan 201902:25	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in NTP affect Power Hardware Management Console	23 Sep 202101:31	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in NTP affect IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru, QLogic 8Gb Intelligent Pass-thru Module & SAN Switch Module for BladeCenter and QLogic Virtual Fabric Extension Module for IBM BladeCenter	31 Jan 201902:25	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple security vulnerabilities have been fixed in products bundled with IBM Security Directory Suite 8.0.1	16 Jun 201822:03	–	ibm

OS	OS Version	Architecture	Package	Package Version	Filename
CentOS	6	i686	ntp	4.2.6p5-10.el6.centos.2	ntp-4.2.6p5-10.el6.centos.2.i686.rpm
CentOS	6	i686	ntpdate	4.2.6p5-10.el6.centos.2	ntpdate-4.2.6p5-10.el6.centos.2.i686.rpm
CentOS	6	noarch	ntp-doc	4.2.6p5-10.el6.centos.2	ntp-doc-4.2.6p5-10.el6.centos.2.noarch.rpm
CentOS	6	i686	ntp-perl	4.2.6p5-10.el6.centos.2	ntp-perl-4.2.6p5-10.el6.centos.2.i686.rpm
CentOS	6	x86_64	ntp	4.2.6p5-10.el6.centos.2	ntp-4.2.6p5-10.el6.centos.2.x86_64.rpm
CentOS	6	x86_64	ntpdate	4.2.6p5-10.el6.centos.2	ntpdate-4.2.6p5-10.el6.centos.2.x86_64.rpm
CentOS	6	noarch	ntp-doc	4.2.6p5-10.el6.centos.2	ntp-doc-4.2.6p5-10.el6.centos.2.noarch.rpm
CentOS	6	x86_64	ntp-perl	4.2.6p5-10.el6.centos.2	ntp-perl-4.2.6p5-10.el6.centos.2.x86_64.rpm
CentOS	7	x86_64	ntp	4.2.6p5-25.el7.centos.1	ntp-4.2.6p5-25.el7.centos.1.x86_64.rpm
CentOS	7	x86_64	ntpdate	4.2.6p5-25.el7.centos.1	ntpdate-4.2.6p5-25.el7.centos.1.x86_64.rpm

Source	Link
twitter	www.twitter.com/centos
steadfast	www.steadfast.net/
linkedin	www.linkedin.com/groups/22405
youtube	www.youtube.com/TheCentOSProject
facebook	www.facebook.com/groups/centosproject/
reddit	www.reddit.com/r/CentOS/
rhn	www.rhn.redhat.com/errata/RHSA-2017-0252.html

06 Feb 2017 12:22Current

6.5Medium risk

Vulners AI Score6.5

CVSS 27.1

CVSS 3.17.5

CVSS 36.5

EPSS0.11683

network time protocol ntpd service security fix rate limiting ddos denial of service information disclosure null pointer dereference root delay