3891 matches found
CVE-2020-11868
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp...
CVE-2020-11868
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp...
Design/Logic Flaw
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp...
UBUNTU-CVE-2020-11868
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp...
CVE-2020-11868
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp...
CVE-2020-11868
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp...
CVE-2020-11868
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp...
CVE-2020-11868
NTOP vulnerability CVE-2020-11868 affects ntp in ntp (before 4.2.8p14 and 4.3.x before 4.3.100). An off-path attacker can block unauthenticated synchronization by sending a server-mode packet with a spoofed source IP, because transmissions can be rescheduled even when the origin timestamp is inva...
CVE-2020-11868
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp...
The vulnerability of the ~/.apport-ignore.xml file, which is part of the apport error reporting service, allows a hacker to read arbitrary files.
The vulnerability of the /.apport-ignore.xml file of the apport error reporting service arises due to synchronization errors when using a shared resource. Exploiting this vulnerability allows an attacker to read arbitrary files...
Low: Red Hat Security Advisory: ntp security update
An update for ntp is now available for Red Hat Enterprise Linux 7.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Kernel: KVM: export MSR_IA32_TSX_CTRL to guest - incomplete fix for TAA (CVE-2019-11135)
A flaw was found in the fix for CVE-2019-11135, the way Intel CPUs handle speculative execution of instructions when a TSX Asynchronous Abort TAA error occurs. When a guest is running on a host CPU affected by the TAA flaw TAANO=0, but is not affected by the MDS issue MDSNO=1, the guest was to...
The vulnerability of Xen hypervisors arises from the simultaneous execution using a shared resource with incorrect synchronization. This allows attackers to gain access to confidential data, compromise its integrity, and cause service failures.
The vulnerability of Xen hypervisors is related to an error in the restart operations for volume change operations. Exploiting this vulnerability can allow a remote attacker to gain access to confidential data, compromise its integrity, and cause service failures...
The vulnerability of Xen hypervisors arises from synchronization errors when using shared resources, allowing a malicious actor to cause service failures or increase their privileges.
The vulnerability of Xen hypervisors arises due to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to cause service failures or increase their privileges by adding a device with persistent communication capabilities...
Issues that are fixed in System Center 2012 R2 Operations Manager Update Rollup 1
Issues that are fixed in System Center 2012 R2 Operations Manager Update Rollup 1 Introduction This article describes the issues that are fixed in Update Rollup 1 for Microsoft System Center 2012 R2 Operations Manager. Additionally, this article contains the installation instructions for Update...
Update Rollup 4 for System Center 2012 R2 Operations Manager
Update Rollup 4 for System Center 2012 R2 Operations Manager This article describes the issues that are fixed in Update Rollup 4 for Microsoft System Center 2012 R2 Operations Manager. Additionally, this article contains the installation instructions for Update Rollup 4 for System Center 2012 R2...
Update Rollup 3 for System Center 2012 R2 Operations Manager
Update Rollup 3 for System Center 2012 R2 Operations Manager Introduction This article describes the issues that are fixed in Update Rollup 3 for Microsoft System Center 2012 R2 Operations Manager. Additionally, this article contains the installation instructions for Update Rollup 3 for System...
The vulnerability of the apport operating system’s error registration service, related to synchronization errors when using a shared resource, allows a malicious actor to create a publicly accessible report of the software bug for privileged processes.
The vulnerability of the apport operating system’s error registration service is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker to create a publicly accessible report of the software bug for privileged processes...
The vulnerability of Broadcom’s Wi-Fi chip drivers allows intruders to gain unauthorized access to protected information.
The vulnerability of Broadcom’s Wi-Fi chip drivers is related to synchronization errors when using a shared resource. Exploiting this vulnerability can allow an attacker operating remotely to gain unauthorized access to protected information...
Unspecified Vulnerability in LINBIT csync2
LINBIT csync2 is a cluster synchronization tool from the Austrian company LINBIT, which is mainly used to keep files on multiple hosts in a cluster synchronized. A security vulnerability exists in the ''csyncdaemonsession''function in the daemon.c file in LINBIT csync2 2.0 and earlier versions,...