Lucene search
K

7 matches found

Tenable Nessus
Tenable Nessus
added 2025/03/04 12:0 a.m.8 views

Linux Distros Unpatched Vulnerability : CVE-2014-0021

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Chrony before 1.29.1 has traffic amplification in cmdmon protocol CVE-2014-0021 Note that Nessus relies on the presence of the package as reported by the vendor...

7.5CVSS7.4AI score0.03801EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2020/05/27 12:0 a.m.25 views

NewStart CGSL CORE 5.04 / MAIN 5.04 : chrony Multiple Vulnerabilities (NS-SA-2020-0027)

The remote NewStart CGSL host, running version CORE 5.04 / MAIN 5.04, has chrony packages installed that are affected by multiple vulnerabilities: - Multiple integer overflows in pktlength.c in Chrony before 1.29 allow remote attackers to cause a denial of service crash via a crafted 1...

7.5CVSS7.8AI score0.03801EPSS
Exploits0References4
CVE
CVE
added 2019/11/15 2:35 p.m.84 views

CVE-2014-0021

Chrony before 1.29.1 is vulnerable to a traffic amplification issue in the cmdmon protocol (CVE-2014-0021). The flaw allows an attacker to exploit chronyd over the network, potentially abusing the protocol’s cmdmon handling. Public records across OSV and Nessus references affirm this CVE affectin...

7.5CVSS7.3AI score0.03801EPSS
Exploits0References11Affected Software1
OpenVAS
OpenVAS
added 2015/04/25 12:0 a.m.20 views

Fedora Update for chrony FEDORA-2015-5809

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.03801EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2014/02/20 12:0 a.m.29 views

Fedora 19 : chrony-1.29.1-1.fc19 (2014-1916)

This update fixes the following security vulnerability : - Modify chronyc protocol to prevent amplification attacks CVE-2014-0021 incompatible with previous protocol version, chronyc supports both Note that Tenable Network Security has extracted the preceding description block directly from the...

7.5CVSS7.4AI score0.03801EPSS
Exploits0References3
OSV
OSV
added 2014/02/11 10:13 p.m.9 views

MGASA-2014-0052 Updated chrony package fixes security vulnerability

Updated chrony package fixes security vulnerability: In the chrony control protocol some replies are significantly larger than their requests, which allows an attacker to use it in an amplification attack CVE-2014-0021. Note: in the default configuration, cmdallow is restricted to localhost, so...

7.5CVSS7.5AI score0.03801EPSS
Exploits0References3
Mageia
Mageia
added 2014/02/11 10:13 p.m.38 views

Updated chrony package fixes security vulnerability

Updated chrony package fixes security vulnerability: In the chrony control protocol some replies are significantly larger than their requests, which allows an attacker to use it in an amplification attack CVE-2014-0021. Note: in the default configuration, cmdallow is restricted to localhost, so...

7.5CVSS7.6AI score0.03801EPSS
Exploits0References2
Rows per page
Query Builder