Lucene search
OracleLinuxELSA-2015-2231HistoryNov 23, 2015 - 12:00 a.m.
ntp security, bug fix, and enhancement update
2015-11-2300:00:00
linux.oracle.com
42
0.895 High
EPSS
Percentile
98.5%
[4.2.6p5-22]
- check origin timestamp before accepting KoD RATE packet (CVE-2015-7704)
- allow only one step larger than panic threshold with -g (CVE-2015-5300)
[4.2.6p5-20] - validate lengths of values in extension fields (CVE-2014-9297)
- drop packets with spoofed source address ::1 (CVE-2014-9298)
- reject packets without MAC when authentication is enabled (CVE-2015-1798)
- protect symmetric associations with symmetric key against DoS attack (CVE-2015-1799)
- fix generation of MD5 keys with ntp-keygen on big-endian systems (CVE-2015-3405)
- add option to set Differentiated Services Code Point (DSCP) (#1202828)
- add nanosecond support to SHM refclock (#1117702)
- allow creating all SHM segments with owner-only access (#1122012)
- allow different thresholds for forward and backward step (#1193154)
- allow symmetric keys up to 32 bytes again (#1191111)
- don’t step clock for leap second with -x option (#1191122)
- don’t drop packets with source port below 123 (#1171640)
- retry joining multicast groups (#1207014)
- increase memlock limit again (#1053569)
- warn when monitor can’t be disabled due to limited restrict (#1191108)
- use larger RSA exponent in ntp-keygen (#1191116)
- fix crash in ntpq mreadvar command (#1180721)
- move sntp kod database to allow SELinux labeling (#1082934)
- fix typos in ntpd man page (#1195211)
- improve documentation of restrict command (#1213953)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 7 | src | ntp | < 4.2.6p5-22.el7 | ntp-4.2.6p5-22.el7.src.rpm |
| oracle linux | 7 | x86_64 | ntp | < 4.2.6p5-22.el7 | ntp-4.2.6p5-22.el7.x86_64.rpm |
| oracle linux | 7 | noarch | ntp-doc | < 4.2.6p5-22.el7 | ntp-doc-4.2.6p5-22.el7.noarch.rpm |
| oracle linux | 7 | noarch | ntp-perl | < 4.2.6p5-22.el7 | ntp-perl-4.2.6p5-22.el7.noarch.rpm |
| oracle linux | 7 | x86_64 | ntpdate | < 4.2.6p5-22.el7 | ntpdate-4.2.6p5-22.el7.x86_64.rpm |
| oracle linux | 7 | x86_64 | sntp | < 4.2.6p5-22.el7 | sntp-4.2.6p5-22.el7.x86_64.rpm |
Related
redhat
redhat
(RHSA-2015:1459) Moderate: ntp security, bug fix, and enhancement update
2015-07-22 00:00:00
(RHSA-2015:2231) Moderate: ntp security, bug fix, and enhancement update
2015-11-19 14:42:12
(RHSA-2015:1930) Important: ntp security update
2015-10-26 00:00:00
nessus
nessus
Oracle Linux 7 : ntp (ELSA-2015-2231)
2015-11-24 00:00:00
Oracle Linux 6 : ntp (ELSA-2015-1459)
2015-07-30 00:00:00
CentOS 6 : ntp (CESA-2015:1459)
2015-07-28 00:00:00
openvas
openvas
RedHat Update for ntp RHSA-2015:2231-04
2015-11-20 00:00:00
Oracle Linux Local Check: ELSA-2015-2231
2015-11-24 00:00:00
RedHat Update for ntp RHSA-2015:1459-01
2015-07-23 00:00:00
centos
centos
ntp, ntpdate, sntp security update
2015-11-30 19:45:44
ntp, ntpdate security update
2015-07-26 14:13:05
ntp, ntpdate, sntp security update
2015-10-26 15:51:06
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:41:07
Man-In-The-Middle (MitM)
2019-05-02 05:41:08
Man-in-the-Middle (MitM)
2019-05-02 05:41:08
ibm
ibm
oraclelinux
oraclelinux
ntp security, bug fix, and enhancement update
2015-07-28 00:00:00
ntp security update
2015-10-26 00:00:00
cve
cve
prion
prion
Design/Logic Flaw
2015-10-06 01:59:00
Design/Logic Flaw
2015-10-06 01:59:00
Authentication flaw
2015-10-06 01:59:00
osv
osv
ntp - security update
2015-04-10 00:00:00
ntp - security update
2015-04-12 00:00:00
ntp - incomplete fix
2015-02-05 00:00:00
securityvulns
securityvulns
FreeBSD Security Advisory FreeBSD-SA-15:07.ntp
2015-04-08 00:00:00
[USN-2497-1] NTP vulnerabilities
2015-02-11 00:00:00
ntpd restrictions bypass
2015-04-08 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-15:07.ntp
2015-04-07 00:00:00
fedora
fedora
[SECURITY] Fedora 21 Update: ntp-4.2.6p5-30.fc21
2015-04-28 13:01:04
[SECURITY] Fedora 20 Update: ntp-4.2.6p5-22.fc20
2015-04-22 22:55:51
[SECURITY] Fedora 22 Update: ntp-4.2.6p5-30.fc22
2015-04-22 22:56:05
mageia
mageia
Updated ntp packages fix security vulnerabilities
2015-02-11 23:47:51
Updated ntp packages fix security vulnerabilities
2015-04-15 12:01:28
debian
debian
[SECURITY] [DLA 149-1] ntp security update
2015-02-07 15:26:18
[SECURITY] [DSA 3154-1] ntp security update
2015-02-05 21:13:52
[SECURITY] [DSA 3154-1] ntp security update
2015-02-05 21:13:52
f5
f5
K16393 : NTP vulnerability CVE-2014-9751
2015-11-07 00:00:00
SOL16392 - NTP vulnerability CVE-2014-9750
2015-04-09 00:00:00
K16392 : NTP vulnerability CVE-2014-9750
2015-11-07 00:00:00
ubuntucve
ubuntucve
ubuntu
ubuntu
NTP vulnerabilities
2015-02-09 00:00:00
NTP vulnerabilities
2015-04-13 00:00:00
archlinux
archlinux
ntp: multiple issues
2015-02-06 00:00:00
ntp: multiple issues
2015-04-08 00:00:00
amazon
amazon
aix
aix
Vulnerabilities in NTPv4 affect AIX,Vulnerabilities in NTPv4 affect VIOS
2015-06-29 10:00:16
freebsd
freebsd
ntp -- multiple vulnerabilities
2015-04-07 00:00:00
suse
suse
Security update for ntp (important)
2015-07-02 17:05:24
Security update for ntp (important)
2015-02-12 03:06:04
Security update for ntp (important)
2015-02-12 21:04:54
cisco
cisco
slackware
slackware
[slackware-security] ntp
2015-04-22 01:21:55
cert
cert
NTP Project ntpd reference implementation contains multiple vulnerabilities
2015-04-07 00:00:00
gentoo
gentoo
NTP: Multiple vulnerablities
2015-09-24 00:00:00
ics
ics
Siemens RUGGEDCOM ROX-based Devices NTP Vulnerabilities
2018-08-27 12:00:00
debiancve
debiancve
checkpoint_advisories
checkpoint_advisories
NTP Kiss-o-Death Packet Denial of Service - Ver2 (CVE-2015-7704)
2018-06-25 00:00:00
citrix
citrix
Citrix XenServer Multiple Security Updates
2017-01-25 05:00:00