Lucene search
Gentoo FoundationMGASA-2014-0052HistoryFeb 12, 2014 - 2:13 a.m.
Updated chrony package fixes security vulnerability
2014-02-1202:13:17
Gentoo Foundation
advisories.mageia.org
10
0.024 Low
EPSS
Percentile
89.8%
Updated chrony package fixes security vulnerability: In the chrony control protocol some replies are significantly larger than their requests, which allows an attacker to use it in an amplification attack (CVE-2014-0021). Note: in the default configuration, cmdallow is restricted to localhost, so significant amplification is only possible if the configuration has been changed to allow cmdallow from other hosts. Even from hosts whose access is denied, minor amplification is still possible.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| Mageia | 4 | noarch | chrony | < 1.29.1-1 | chrony-1.29.1-1.mga4 |
Related
ubuntucve
ubuntucve
CVE-2014-0021
2019-11-15 00:00:00
nessus
nessus
Amazon Linux AMI : chrony (ALAS-2014-366)
2014-10-12 00:00:00
Fedora 19 : chrony-1.29.1-1.fc19 (2014-1916)
2014-02-20 00:00:00
Fedora 20 : chrony-1.29.1-1.fc20 (2014-1943)
2014-02-06 00:00:00
prion
prion
Information disclosure
2019-11-15 15:15:00
cvelist
cvelist
CVE-2014-0021
2019-11-15 14:35:31
cve
cve
CVE-2014-0021
2019-11-15 15:15:00
openvas
openvas
Amazon Linux: Security Advisory (ALAS-2014-366)
2015-09-08 00:00:00
Mageia: Security Advisory (MGASA-2014-0052)
2022-01-28 00:00:00
Fedora Update for chrony FEDORA-2014-1916
2014-02-20 00:00:00
fedora
fedora
[SECURITY] Fedora 20 Update: chrony-1.29.1-1.fc20
2014-02-06 03:50:47
[SECURITY] Fedora 19 Update: chrony-1.29.1-1.fc19
2014-02-20 00:47:04
[SECURITY] Fedora 20 Update: chrony-1.31.1-1.fc20
2015-04-24 22:50:08
amazon
amazon
Low: chrony
2014-07-09 16:20:00
debiancve
debiancve
CVE-2014-0021
2019-11-15 15:15:00