ntp: config command can be used to set the pidfile and drift file paths

It was found that NTP's :config command could be used to set the pidfile and driftfile paths without any restrictions. A remote attacker could use this flaw to overwrite a file on the file system with a file containing the pid of the ntpd process immediately or the current estimated drift of the...

Scientific Linux Security Update : ntp on SL6.x i386/x86_64 (20160510)

Security Fixes : - It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntpcrypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker coul...

ntp: config command can be used to set the pidfile and drift file paths

It was found that NTP's :config command could be used to set the pidfile and driftfile paths without any restrictions. A remote attacker could use this flaw to overwrite a file on the file system with a file containing the pid of the ntpd process immediately or the current estimated drift of the...

The vulnerability of the Debian GNU/Linux operating system allows a perpetrator to read arbitrary files in the configuration directory.

The vulnerability in the xymond component of the Debian GNU/Linux operating system is related to the lack of protection for configuration data. Exploiting this vulnerability allows a malicious actor to read arbitrary files from the configuration directory using the “config” command...

DEBIAN-CVE-2016-2055

xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to read arbitrary files in the configuration directory via a "config" command...

DEBIAN-CVE-2016-2054

Multiple buffer overflows in xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to execute arbitrary code or cause a denial of service daemon crash via a long filename, involving handling a "config" command...

UBUNTU-CVE-2016-2055

xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to read arbitrary files in the configuration directory via a "config" command...

CVE-2016-2054

Multiple buffer overflows in xymond/xymond.c in xymond in Xymon 4.1.x, 4.2.x, and 4.3.x before 4.3.25 allow remote attackers to execute arbitrary code or cause a denial of service daemon crash via a long filename, involving handling a "config" command...

DLA-335-1 ntp - security update

Bulletin has no description...

Network Time Protocol Daemon (ntpd) 3.x / 4.x < 4.2.8p4 Multiple Vulnerabilities

The version of the remote NTP server is 3.x or 4.x prior to 4.2.8p4. It is, therefore, affected by the following vulnerabilities : - A flaw exists in the ntpcrypto.c file due to improper validation of the 'vallen' value in extension fields. An unauthenticated, remote attacker can exploit this, vi...

UBUNTU-CVE-2015-7703

The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration...

Multiple Arbitrary File Overwrite Vulnerabilities in NTP

Network Time Protocol is a protocol used to synchronize a computer's time to its server or clock source e.g., quartz clock, GPS, etc.. The NTP :config command can set the pidfile and driftfile paths without restriction, allowing remote attackers to exploit this vulnerability to overwrite files on...

Flowplayer Cross Site Scripting

Flowplayer js & swf XSS Vulnerability Date: 15/5/14 Vulnerablity Risk : High Vulnerable Sofware: http://flowplayer.org/ Dork : inurl:flowplayer/flowplayer.swf Author: Muhammad Adeel aka Innoxent Stoker Founder | Urdusecurity.blogspot.com Vulnerability xss is Cross Site Scripting vuln Which actual...

Hobbit Monitor config Method Traversal Arbitrary File Access

The version of the Hobbit Monitor daemon installed on the remote host does not properly filter the argument to the 'config' command of directory traversal sequences. An unauthenticated attacker can leverage this flaw to retrieve arbitrary files from the affected host subject to the privileges of...