12 matches found
Rockwell Automation Stratix NTP Authentication bypass (CVE-2015-1798)
A vulnerability in the message authentication code MAC validation routine of ntpd could allow an unauthenticated, remote attacker to bypass the NTP authentication feature. The vulnerability is due to incorrect validation of the MAC field. An attacker could exploit this vulnerability by sending...
Security Bulletin: Multiple vulnerabilities in NTP, OpenSSL and GNU glibc affect IBM Netezza Host Management
Summary NTP, OpenSSL, GNU glibc and Libreswan are used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVEs Vulnerability Details CVEID: CVE-2015-1799 DESCRIPTION: Network Time Protocol NTP Project NTP daemon ntpd is vulnerable to a denial of service, caus...
EulerOS Virtualization 3.0.1.0 : ntp (EulerOS-SA-2019-1556)
According to the versions of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - A vulnerability was discovered in the NTP server's parsing of configuration directives. A remote, authenticated attacker could cause...
ntp: missing key check allows impersonation between authenticated peers (VU#357792)
A flaw was found in the way NTP verified trusted keys during symmetric key authentication. An authenticated client A could use this flaw to modify a packet sent between a server B and a client C using a key that is different from the one known to the client A...
Moderate: Red Hat Security Advisory: ntp security and bug fix update
An update for ntp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
AIX 6.1 TL 9 : ntp (IV73783)
Network Time Protocol NTP Project NTP daemon ntpd is vulnerable to a denial of service, caused by an error when using symmetric key authentication. By sending specially-crafted packets to both peering hosts, an attacker could exploit this vulnerability to prevent synchronization. %NASLMINLEVEL...
AIX 7.1 TL 2 : ntp (IV74262)
Network Time Protocol NTP Project NTP daemon ntpd is vulnerable to a denial of service, caused by an error when using symmetric key authentication. By sending specially-crafted packets to both peering hosts, an attacker could exploit this vulnerability to prevent synchronization. %NASLMINLEVEL...
AIX 6.1 TL 6 : ntp4 (IV71094)
https://vulners.com/cve/CVE-2014-9297 Network Time Protocol NTP Project NTP daemon ntpd could allow a remote attacker to conduct spoofing attacks, caused by insufficient entropy in PRNG. An attacker could exploit this vulnerability to spoof the IPv6 address ::1 to bypass ACLs and launch further...
AIX 7.1 TL 0 : ntp4 (IV71096)
https://vulners.com/cve/CVE-2014-9297 Network Time Protocol NTP Project NTP daemon ntpd could allow a remote attacker to conduct spoofing attacks, caused by insufficient entropy in PRNG. An attacker could exploit this vulnerability to spoof the IPv6 address ::1 to bypass ACLs and launch further...
Vulnerabilities in NTPv4 affect AIX,Vulnerabilities in NTPv4 affect VIOS
IBM SECURITY ADVISORY First Issued: Mon Jun 29 10:00:16 CDT 2015 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/ntp4advisory.asc https://aix.software.ibm.com/aix/efixes/security/ntp4advisory.asc...
NTP ntpd Denial of Service Vulnerability
NTP Network Time Protocol is a protocol used by clients to synchronize the date and time with a time server. A denial of service vulnerability exists in NTP ntpd due to inconsistencies in packets received by NTP4 installations using symmetric key authentication. An attacker is allowed to exploit...
NTP MAC Spoofing Vulnerability
NTP Network Time Protocol is a protocol used by clients to synchronize the date and time with a time server. A MAC spoofing vulnerability exists in NTP. Due to NTP4 installation using symmetric key authentication when the unauthenticated code MAC is received. Allows an attacker to exploit the...