NTP: Multiple vulnerabilities

Background NTP is a protocol designed to synchronize the clocks of computers over a network. The net-misc/ntp package contains the official reference implementation by the NTP Project. Description Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced...

[SECURITY] Fedora 21 Update: ntp-4.2.6p5-25.fc21

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

[SECURITY] Fedora 20 Update: ntp-4.2.6p5-19.fc20

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

RHEL 5 : ntp (RHSA-2014:2025)

Updated ntp packages that fix several security issues are now available for Red Hat Enterprise Linux 5. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available...

ntp: Multiple buffer overflows via specially-crafted packets

Multiple buffer overflow flaws were discovered in ntpd's cryptorecv, ctlputdata, and configure functions. A remote attacker could use either of these flaws to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the ntp user...

[SECURITY] Fedora 19 Update: lsyncd-2.1.4-4.fc19.1

Lsyncd watches a local directory trees event monitor interface inotify. It aggregates and combines events for a few seconds and then spawns one or more processes to synchronize the changes. By default this is rsync. Lsyncd is thus a light-weight live mirror solution that is comparatively easy to...

SUSE-SU-2015:0259-1 Recommended update for ntp

This update for ntp provides the following fixes: Respect NTPDFORCESYNCONSTARTUP also for dynamic peers. bnc887957 Fix orphan mode. bnc883859...

Apple Rolls Out iOS 8 with Bucket of Security Fixes

Apple has finally released iOS 8, the latest version of its operating system, for free to iPhone, iPad and iPod touch users. The company has assured that the latest iOS 8 update is a significant step away up from iOS 7. You can grab the new update through an over-the-air update accessible by goin...

UBUNTU-CVE-2014-3176

Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3177...

UBUNTU-CVE-2014-3177

Google Chrome before 37.0.2062.94 does not properly handle the interaction of extensions, IPC, the sync API, and Google V8, which allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2014-3176...

[SECURITY] Fedora 20 Update: sks-1.1.5-2.fc20

SKS is a OpenPGP keyserver whose goal is to provide easy to deploy, decentralized, and highly reliable synchronization...

[SECURITY] Fedora 19 Update: sks-1.1.5-2.fc19

SKS is a OpenPGP keyserver whose goal is to provide easy to deploy, decentralized, and highly reliable synchronization...

CVE-2014-3309

The NTP implementation in Cisco IOS and IOS XE does not properly support use of the access-group command for a "deny all" configuration, which allows remote attackers to bypass intended restrictions on time synchronization via a standard query, aka Bug ID CSCuj66318...

Use after free

The NTP implementation in Cisco IOS and IOS XE does not properly support use of the access-group command for a "deny all" configuration, which allows remote attackers to bypass intended restrictions on time synchronization via a standard query, aka Bug ID CSCuj66318...

CVE-2014-3309

The NTP implementation in Cisco IOS and IOS XE does not properly support use of the access-group command for a "deny all" configuration, which allows remote attackers to bypass intended restrictions on time synchronization via a standard query, aka Bug ID CSCuj66318...

CVE-2014-3309

Summary of CVE-2014-3309 (Cisco) : The NTP implementation in Cisco IOS and IOS XE is vulnerable due to improper handling of the ntp access-group command in a deny-all configuration, potentially allowing a remote attacker to bypass NTP access restrictions and query the NTP server configured to den...

Linux Kernel 2.6.29 - ptrace_attach() Local Root Race Condition Exploit

No description provided by source. / GNU/Linux kernel 2.6.29 ptraceattach local root race condition exploit. ========================================================================== This is a local root exploit for the 2.6.29 ptraceattach race condition that allows a process to gain elevated...

[SECURITY] Fedora 20 Update: nspr-4.10.6-1.fc20

NSPR provides platform independence for non-GUI operating system facilities. These facilities include threads, thread synchronization, normal file and network I/O, interval timing and calendar time, basic memory management malloc and free and shared library linking...

SAP Sybase SQL Anywhere OpenSSL TLS心跳信息泄漏漏洞

CVE ID:CVE-2014-0160 SAP Sybase SQL Anywhere是一套全面的解决方案,它提供了数据管理、同步和数据交换技术,可快速在远程和移动环境中开发并配置数据库驱动的应用程序。 SAP Sybase SQL Anywhere所绑定的OpenSSL存在安全漏洞，OpenSSL处理TLS”心跳“扩展存在一个边界错误，允许攻击者利用漏洞获取64k大小的已链接客户端或服务器的内存内容。内存信息可包括私钥，用户名密码等。 0 SAP Sybase SQL Anywhere 12.x SAP Sybase SQL Anywhere 16.x SAP Sybase SQL...

Ubuntu Update for linux-ti-omap4 USN-2134-1

Check for the Version of linux-ti-omap4 OpenVAS Vulnerability Test $Id: gbubuntuUSN21341.nasl 7957 2017-12-01 06:40:08Z santu $ Ubuntu Update for linux-ti-omap4 USN-2134-1 Authors: System Generated Check Copyright: Copyright C 2014 Greenbone Networks GmbH, http://www.greenbone.net This program is...