7 matches found
SuSE 11.3 Security Update : ntp (SAT Patch Number 10293)
ntp has been updated to fix four security issues : - ntp-keygen used a weak RNG seed, which made it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. bsc910764. CVE-2014-9294 - The configauth function, when an auth key is not configured, improperl...
CVE-2014-9293
The configauth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack...
Design/Logic Flaw
The configauth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack...
DEBIAN-CVE-2014-9293
The configauth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack...
CVE-2014-9293
CVE-2014-9293 affects ntpd and is triggered when no authentication key is configured; ntpd may generate a cryptographically weak default key, enabling remote attackers to bypass cryptographic protections via brute-force. The IBM AIX advisory confirms weak default key handling for NTPv3/v4 and lis...
CVE-2014-9293
The configauth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack...
CVE-2014-9293
The configauth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack...