keycloak: X509 Direct Grant Auth does not verify certificate timestamp validity
A flaw was found in keycloak. An expired certificate would be accepted by the direct-grant authenticator because of missing time stamp validations. The highest threat from this vulnerability is to data confidentiality and integrity...
Should check return data from Chainlink aggregators
Handle shw Vulnerability details Impact The getEtherPrice function in the contract FSDNetwork fetches the ETH price from a Chainlink aggregator using the latestRoundData function. However, there are no checks on roundID nor timeStamp, resulting in stale prices. Proof of Concept Referenced code:...
Red Hat Keycloak Trust Management Issues Vulnerability
Red Hat Keycloak is a suite of software from Red Hat, Inc. that provides authentication and management capabilities for modern applications and services. A trust management issue vulnerability exists in Red Hat Keycloak that does not validate the timestamp validity of certificates...
DEBIAN-CVE-2019-16411
An issue was discovered in Suricata 4.1.4. By sending multiple IPv4 packets that have invalid IPv4Options, the function IPV4OptValidateTimestamp in decode-ipv4.c tries to access a memory region that is not allocated. There is a check for o-len data + 3" places one beyond the 3 bytes, because the...
Security Bulletin: Vulnerabilities in Network Time Protocol (NTP) affect IBM Security Identity Governance Appliance (CVE-2015-5300 CVE-2015-7704 CVE-2015-8138)
Summary Vulnerabilities in Network Time Protocol (NTP) that is used by IBM Security Identity Governance Vulnerability Details CVEID: CVE-2015-5300 DESCRIPTION: Network Time Protocol (NTP) could allow a remote attacker to bypass security restrictions, caused by the failure to correctly implement the...
Denial of Service in timestamp validation function
More info at https://simplesamlphp.org/security/201801-01...
Design/Logic Flaw
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero...
[ASA-201611-28] ntp: multiple issues
Arch Linux Security Advisory ASA-201611-28 ========================================== Severity: High Date : 2016-11-26 CVE-ID : CVE-2016-7426 CVE-2016-7427 CVE-2016-7428 CVE-2016-7429 CVE-2016-7431 CVE-2016-7433 CVE-2016-7434 CVE-2016-9310 CVE-2016-9311 Package : ntp Type : multiple issues Remote...
F5 Networks BIG-IP : NTP vulnerability (K71245322)
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero. CVE-2015-8138 (C) Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from F5 Networks...
Important: Red Hat Security Advisory: ntp security update
Updated ntp packages that fix one security issue are now available for Red Hat Enterprise Linux 6 and 7. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System (CVSS) base score, which gives a detailed severity rating, is available...
CVE-2015-8138
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero...
Oracle: Security Advisory (ELSA-2015-2231)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced source, and are Copyright (C) by the respective right holders. SPDX-License-Identifier: GPL-2.0-only...
NTP Denial of Service Vulnerability (CNVD-2015-07020)
NTP (Network Time Protocol) is a network protocol that synchronizes the clocks of two computers by exchanging packets. A security vulnerability exists in NTP versions prior to 4.2.8p4 and 4.3.x prior to 4.3.77 due to the client failing to properly validate the timestamp field in a Kiss-of-Death...
TCP TIMESTAMPS - Denial of Service
TCP TIMESTAMPS - Denial of Service / TCP does not adequately validate segments before updating timestamp value http://www.kb.cert.org/vuls/id/637934 RFC-1323 TCP Extensions for High Performance 4.2.1 defines how the PAWS algorithm should drop packets with invalid timestamp options: R1 If there is...