Lucene search
+L

60 matches found

Tenable Nessus
Tenable Nessus
added 2015/01/07 12:0 a.m.18 views

OracleVM 3.2 : ntp (OVMSA-2015-0001)

The remote OracleVM system is missing necessary patches to address critical security updates : - Remove default ntp servers in ntp.conf bug 14342986 - don't generate weak control key for resolver CVE-2014-9293 - don't generate weak MD5 keys in ntp-keygen CVE-2014-9294 - fix buffer overflows via...

7.5CVSS7.1AI score0.78717EPSS
Exploits8References8
OpenVAS
OpenVAS
added 2015/01/05 12:0 a.m.37 views

Fedora Update for ntp FEDORA-2014-17367

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.78717EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2015/01/02 12:0 a.m.37 views

Fedora 19 : ntp-4.2.6p5-13.fc19 (2014-17395)

Security fix for CVE-2014-9294, CVE-2014-9295, CVE-2014-9293, CVE-2014-9296 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introduci...

7.5CVSS6.7AI score0.78717EPSS
Exploits4References9
OpenVAS
OpenVAS
added 2015/01/01 12:0 a.m.39 views

Fedora Update for ntp FEDORA-2014-17395

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.78717EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2014/12/26 12:0 a.m.37 views

OracleVM 3.3 : ntp (OVMSA-2014-0085)

The remote OracleVM system is missing necessary patches to address critical security updates : - don't generate weak control key for resolver CVE-2014-9293 - don't generate weak MD5 keys in ntp-keygen CVE-2014-9294 - fix buffer overflows via specially-crafted packets CVE-2014-9295 - don't mobiliz...

7.5CVSS7AI score0.78717EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2014/12/26 12:0 a.m.34 views

Fedora 21 : ntp-4.2.6p5-25.fc21 (2014-17367)

Security fix for CVE-2014-9294, CVE-2014-9295, CVE-2014-9293, CVE-2014-9296 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introduci...

7.5CVSS6.7AI score0.78717EPSS
Exploits4References9
Tenable Nessus
Tenable Nessus
added 2014/12/23 12:0 a.m.36 views

Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : ntp (SSA:2014-356-01)

New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from Slackware Security Advisory 2014-356-01. The text itself...

7.5CVSS6.7AI score0.78717EPSS
Exploits4References5
ArchLinux
ArchLinux
added 2014/12/22 12:0 a.m.64 views

ntp: multiple issues

Keys explicitly generated by "ntp-keygen -M" should be regenerated. - CVE-2014-9293 weak key generation ntpd generated a weak key for its internal use, with full administrative privileges. Attackers could use this key to reconfigure ntpd or to exploit other vulnerabilities. - CVE-2014-9294 weak k...

7.5CVSS6.6AI score0.78717EPSS
Exploits4References8
Tenable Nessus
Tenable Nessus
added 2014/12/22 12:0 a.m.34 views

Scientific Linux Security Update : ntp on SL6.x, SL7.x i386/x86_64 (20141220)

Multiple buffer overflow flaws were discovered in ntpd's cryptorecv, ctlputdata, and configure functions. A remote attacker could use either of these flaws to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the ntp user...

7.5CVSS7.1AI score0.78717EPSS
Exploits4References5
Tenable Nessus
Tenable Nessus
added 2014/12/22 12:0 a.m.48 views

Oracle Linux 5 : ntp (ELSA-2014-2025)

The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2014-2025 advisory. - don't generate weak control key for resolver CVE-2014-9293 - don't generate weak MD5 keys in ntp-keygen CVE-2014-9294 Tenable has extracted the...

7.5CVSS8AI score0.78717EPSS
Exploits3References4
Tenable Nessus
Tenable Nessus
added 2014/12/22 12:0 a.m.40 views

CentOS 5 : ntp (CESA-2014:2025)

Updated ntp packages that fix several security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

7.5CVSS8AI score0.78717EPSS
Exploits3References4
OpenVAS
OpenVAS
added 2014/12/22 12:0 a.m.43 views

Fedora Update for ntp FEDORA-2014-17361

Check the version of ntp SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.868629";...

7.5CVSS6.5AI score0.78717EPSS
Exploits4References2
CheckPoint Security
CheckPoint Security
added 2014/12/20 10:0 p.m.40 views

Check Point response to NTP vulnerabilities (CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296)

...

7.5CVSS1.6AI score0.78717EPSS
Exploits4Affected Software1
Debian
Debian
added 2014/12/20 9:21 p.m.31 views

[SECURITY] [DLA 116-1] ntp security update

Package : ntp Version : 4.2.6.p2+dfsg-1+deb6u1 CVE ID : CVE-2014-9293 CVE-2014-9294 CVE-2014-9295 CVE-2014-9296 Debian Bug : 773576 Several vulnerabilities were discovered in the ntp package, an implementation of the Network Time Protocol. CVE-2014-9293 ntpd generated a weak key for its internal...

7.5CVSS7.3AI score0.78717EPSS
Exploits4
Debian
Debian
added 2014/12/20 8:37 p.m.44 views

[SECURITY] [DSA 3108-1] ntp security update

------------------------------------------------------------------------- Debian Security Advisory DSA-3108-1 [email protected] http://www.debian.org/security/ Florian Weimer December 20, 2014 http://www.debian.org/security/faq -...

7.5CVSS9.3AI score0.78717EPSS
Exploits4
CVE
CVE
added 2014/12/20 2:0 a.m.303 views

CVE-2014-9293

CVE-2014-9293 affects ntpd and is triggered when no authentication key is configured; ntpd may generate a cryptographically weak default key, enabling remote attackers to bypass cryptographic protections via brute-force. The IBM AIX advisory confirms weak default key handling for NTPv3/v4 and lis...

7.5CVSS7.4AI score0.12978EPSS
Exploits1References21Affected Software1
Oracle linux
Oracle linux
added 2014/12/20 12:0 a.m.61 views

ntp security update

4.2.2p1-18.el5 - don't generate weak control key for resolver CVE-2014-9293 - don't generate weak MD5 keys in ntp-keygen CVE-2014-9294 - fix buffer overflows via specially-crafted packets CVE-2014-9295...

7.5CVSS3.6AI score0.78717EPSS
Exploits3
OpenVAS
OpenVAS
added 2014/12/20 12:0 a.m.38 views

Debian Security Advisory DSA 3108-1 (ntp - security update)

Several vulnerabilities were discovered in the ntp package, an implementation of the Network Time Protocol. CVE-2014-9293 ntpd generated a weak key for its internal use, with full administrative privileges. Attackers could use this key to reconfigure ntpd or to exploit other vulnerabilities...

7.5CVSS0.7AI score0.78717EPSS
Exploits4References1
Oracle linux
Oracle linux
added 2014/12/20 12:0 a.m.62 views

ntp security update

4.2.6p5-2 - don't generate weak control key for resolver CVE-2014-9293 - don't generate weak MD5 keys in ntp-keygen CVE-2014-9294 - fix buffer overflows via specially-crafted packets CVE-2014-9295 - don't mobilize passive association when authentication fails CVE-2014-9296...

7.5CVSS4.4AI score0.78717EPSS
Exploits4
OpenVAS
OpenVAS
added 2014/12/19 12:0 a.m.36 views

Debian: Security Advisory (DSA-3108-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2014 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.6AI score0.78717EPSS
Exploits4References3
Rows per page
Query Builder