Lucene search
OracleLinuxELSA-2016-0780HistoryMay 12, 2016 - 12:00 a.m.
ntp security and bug fix update
2016-05-1200:00:00
linux.oracle.com
35
0.899 High
EPSS
Percentile
98.5%
[4.2.6p5-10]
- don’t accept server/peer packets with zero origin timestamp (CVE-2015-8138)
- fix crash with reslist command (CVE-2015-7977, CVE-2015-7978)
[4.2.6p5-9] - fix crash with invalid logconfig command (CVE-2015-5194)
- fix crash when referencing disabled statistic type (CVE-2015-5195)
- don’t hang in sntp with crafted reply (CVE-2015-5219)
- don’t crash with crafted autokey packet (CVE-2015-7691, CVE-2015-7692,
CVE-2015-7702) - fix memory leak with autokey (CVE-2015-7701)
- don’t allow setting driftfile and pidfile remotely (CVE-2015-7703)
- don’t crash in ntpq with crafted packet (CVE-2015-7852)
- add option to set Differentiated Services Code Point (DSCP) (#1228314)
- extend rawstats log (#1242895)
- fix resetting of leap status (#1243034)
- report clock state changes related to leap seconds (#1242937)
- allow -4/-6 on restrict lines with mask (#1232146)
- retry joining multicast groups (#1288534)
- explain synchronised state in ntpstat man page (#1286969)
[4.2.6p5-7] - check origin timestamp before accepting KoD RATE packet (CVE-2015-7704)
- allow only one step larger than panic threshold with -g (CVE-2015-5300)
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| oracle linux | 6 | src | ntp | < 4.2.6p5-10.el6 | ntp-4.2.6p5-10.el6.src.rpm |
| oracle linux | 6 | i686 | ntp | < 4.2.6p5-10.el6 | ntp-4.2.6p5-10.el6.i686.rpm |
| oracle linux | 6 | noarch | ntp-doc | < 4.2.6p5-10.el6 | ntp-doc-4.2.6p5-10.el6.noarch.rpm |
| oracle linux | 6 | i686 | ntp-perl | < 4.2.6p5-10.el6 | ntp-perl-4.2.6p5-10.el6.i686.rpm |
| oracle linux | 6 | i686 | ntpdate | < 4.2.6p5-10.el6 | ntpdate-4.2.6p5-10.el6.i686.rpm |
| oracle linux | 6 | src | ntp | < 4.2.6p5-10.el6 | ntp-4.2.6p5-10.el6.src.rpm |
| oracle linux | 6 | x86_64 | ntp | < 4.2.6p5-10.el6 | ntp-4.2.6p5-10.el6.x86_64.rpm |
| oracle linux | 6 | noarch | ntp-doc | < 4.2.6p5-10.el6 | ntp-doc-4.2.6p5-10.el6.noarch.rpm |
| oracle linux | 6 | x86_64 | ntp-perl | < 4.2.6p5-10.el6 | ntp-perl-4.2.6p5-10.el6.x86_64.rpm |
| oracle linux | 6 | x86_64 | ntpdate | < 4.2.6p5-10.el6 | ntpdate-4.2.6p5-10.el6.x86_64.rpm |
Related
nessus
nessus
Oracle Linux 6 : ntp (ELSA-2016-0780)
2016-05-16 00:00:00
CentOS 6 : ntp (CESA-2016:0780)
2016-05-17 00:00:00
Scientific Linux Security Update : ntp on SL6.x i386/x86_64 (20160510)
2016-06-09 00:00:00
redhat
redhat
(RHSA-2016:0780) Moderate: ntp security and bug fix update
2016-05-10 06:42:20
(RHSA-2016:2583) Moderate: ntp security and bug fix update
2016-11-03 06:07:15
(RHSA-2015:1930) Important: ntp security update
2015-10-26 00:00:00
openvas
openvas
RedHat Update for ntp RHSA-2016:0780-01
2016-05-11 00:00:00
Mageia: Security Advisory (MGASA-2015-0413)
2015-10-26 00:00:00
Fedora Update for ntp FEDORA-2015-77
2015-11-05 00:00:00
centos
centos
ntp, ntpdate security update
2016-05-16 10:19:19
ntp, ntpdate, sntp security update
2016-11-25 16:00:55
ntp, ntpdate, sntp security update
2015-10-26 15:51:06
fedora
fedora
[SECURITY] Fedora 21 Update: ntp-4.2.6p5-34.fc21
2015-11-04 22:51:44
[SECURITY] Fedora 23 Update: ntp-4.2.6p5-34.fc23
2015-11-02 18:55:43
[SECURITY] Fedora 22 Update: ntp-4.2.6p5-36.fc22
2016-02-21 02:33:52
mageia
mageia
Updated ntp packages fixes security vulnerabilities
2015-10-26 00:50:36
Updated ntp packages fix security vulnerabilities
2015-09-08 20:55:59
ibm
ibm
amazon
amazon
osv
osv
ntp - security update
2015-11-01 00:00:00
ntp - security update
2015-10-28 00:00:00
securityvulns
securityvulns
ntp multiple security vulnerabilities
2015-11-01 00:00:00
[USN-2783-1] NTP vulnerabilities
2015-11-01 00:00:00
debian
debian
[SECURITY] [DLA 335-1] ntp security update
2015-10-28 20:45:05
[SECURITY] [DSA 3388-1] ntp security update
2015-11-01 22:20:55
ubuntu
ubuntu
NTP vulnerabilities
2015-10-27 00:00:00
oraclelinux
oraclelinux
ntp security and bug fix update
2016-11-09 00:00:00
ntp security update
2015-10-26 00:00:00
f5
f5
K17530 : NTP vulnerabilities CVE-2015-7691, CVE-2015-7692, and CVE-2015-7702
2015-11-05 00:00:00
K06288381 : NTP vulnerabilities CVE-2015-7977 and CVE-2015-7978
2016-02-22 00:00:00
aix
aix
Vulnerabilities in NTP affect AIX,Vulnerabilities in NTP affect VIOS
2016-01-21 09:13:20
suse
suse
Security update for ntp (important)
2016-05-17 15:09:17
Security update for ntp (important)
2016-05-06 13:07:50
Security update for ntp (important)
2016-05-12 21:07:47
ubuntucve
ubuntucve
archlinux
archlinux
ntp: multiple issues
2015-10-22 00:00:00
freebsd
freebsd
ntp -- 13 low- and medium-severity vulnerabilities
2015-10-21 00:00:00
arista
arista
Security Advisory 0016
2015-11-04 00:00:00
cisco
cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
2015-10-21 23:00:00
symantec
symantec
SA103 : October 2015 NTP Security Vulnerabilities
2015-11-24 08:00:00
SA113 : January 2016 NTP Security Vulnerabilities
2016-03-03 08:00:00
slackware
slackware
[slackware-security] ntp
2015-10-29 22:49:05
[slackware-security] ntp
2016-02-23 19:51:20
freebsd_advisory
freebsd_advisory
FreeBSD-SA-15:25.ntp
2015-10-26 00:00:00
ics
ics
Siemens RUGGEDCOM ROX-based Devices NTP Vulnerabilities
2018-08-27 12:00:00
veracode
veracode
Arbitrary File Write
2019-05-02 05:29:36
Denial Of Service (DoS)
2019-05-02 05:29:36
Denial Of Service (DoS)
2019-05-02 05:29:36
prion
prion
Code injection
2017-08-07 20:29:00
Command injection
2017-07-24 14:29:00
Type confusion
2017-07-21 14:29:00
talos
talos
Network Time Protocol ntpq atoascii Memory Corruption Vulnerability
2015-10-21 00:00:00
debiancve
debiancve
cve
cve
CVE-2015-7701
2017-08-07 20:29:00
CVE-2015-7852
2017-08-07 20:29:00
paloalto
paloalto
NTP Vulnerabilities
2016-08-15 00:00:00
gentoo
gentoo
NTP: Multiple vulnerabilities
2016-07-20 00:00:00