49 matches found
openSUSE Security Update : ntp (openSUSE-2016-599)
This update for ntp to 4.2.8p7 fixes the following issues : - CVE-2016-1547, bsc977459: Validate crypto-NAKs, AKA: CRYPTO-NAK DoS. - CVE-2016-1548, bsc977461: Interleave-pivot - CVE-2016-1549, bsc977451: Sybil vulnerability: ephemeral association attack. - CVE-2016-1550, bsc977464: Improve NTP...
SUSE-SU-2016:1291-1 Security update for ntp
This update for ntp to 4.2.8p7 fixes the following issues: CVE-2016-1547, bsc977459: Validate crypto-NAKs, AKA: CRYPTO-NAK DoS. CVE-2016-1548, bsc977461: Interleave-pivot CVE-2016-1549, bsc977451: Sybil vulnerability: ephemeral association attack. CVE-2016-1550, bsc977464: Improve NTP security...
SUSE-SU-2016:1278-1 Security update for ntp
This update for ntp to 4.2.8p7 fixes the following issues: CVE-2016-1547, bsc977459: Validate crypto-NAKs, AKA: CRYPTO-NAK DoS. CVE-2016-1548, bsc977461: Interleave-pivot CVE-2016-1549, bsc977451: Sybil vulnerability: ephemeral association attack. CVE-2016-1550, bsc977464: Improve NTP security...
kernel: net: sctp: NULL pointer dereference in af->from_addr_param on malformed packet
A flaw was found in the way the Linux kernel's SCTP implementation validated INIT chunks when performing Address Configuration Change ASCONF. A remote attacker could use this flaw to crash the system by sending a specially crafted SCTP packet to trigger a NULL pointer dereference on the system...
CVE-2013-6012
Juniper Junos 12.1X44 before 12.1.X44-D20 and 12.1X45 before 12.1X45-D15, when the no-validate option is enabled, does not properly handle configuration validation errors during the config commit phase of the boot-up sequence, which allows remote attackers to bypass authentication via unspecified...
Authentication flaw
Juniper Junos 12.1X44 before 12.1.X44-D20 and 12.1X45 before 12.1X45-D15, when the no-validate option is enabled, does not properly handle configuration validation errors during the config commit phase of the boot-up sequence, which allows remote attackers to bypass authentication via unspecified...
CVE-2013-6012
CVE-2013-6012 – Juniper Junos system affected by an authentication bypass when the no-validate option is enabled. The affected products are Juniper Junos 12.1X44 before 12.1.X44-D20 and 12.1X45 before 12.1X45-D15. The root cause is improper handling of configuration validation errors during the c...
CVE-2013-6012
Juniper Junos 12.1X44 before 12.1.X44-D20 and 12.1X45 before 12.1X45-D15, when the no-validate option is enabled, does not properly handle configuration validation errors during the config commit phase of the boot-up sequence, which allows remote attackers to bypass authentication via unspecified...
Juniper Junos SRX Series Unauthenticated Access (JSA10593)
According to its self-reported version number, the remote Juniper Junos SRX series device may be affected by an unauthenticated access vulnerability. A configuration validation error may exist when upgrading that leaves the device with a partial configuration when the 'no-validate' option is used...