27 matches found
EUVD-2015-7603
Malware in sbrugna...
Linux Distros Unpatched Vulnerability : CVE-2014-9297
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9750, CVE-2014-9751. Reason: this ID was intended for one issue, but was associated with...
Security Bulletin: Vulnerabilities in NTP affect IBM Flex System FC3171 8Gb SAN Switch & SAN Pass-thru Firmware, QLogic 8Gb Intelligent Pass-thru Module & SAN Switch Module and QLogic Virtual Fabric Extension Module for IBM BladeCenter
Summary The switch firmware deliverables listed below have addressed the applicable NTP CVEs. Vulnerability Details Summary The switch firmware deliverables listed below have addressed the applicable NTP CVEs. Vulnerability Details: CVE-ID: CVE-2014-9750 Description: NTP NTPd could allow a remote...
K16392: NTP vulnerability CVE-2014-9750
Security Advisory Description The vallen packet value is not validated in several code paths in ntpcrypto.c which can lead to information leakage or a possible crash of ntpd. CVE-2014-9750 Note : The original candidate number referenced in this article, CVE-2014-9297, was rejected because it was...
SUSE CVE-2015-7692
The cryptoxmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service crash. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750...
Denial Of Service (DoS)
ntp is vulnerable to denial of service. An incomplete fix for CVE-2014-9750 resulted in improper value length checks in ntpcrypto.c. A packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker could use a specially crafted...
Denial Of Service (DoS)
ntp is vulnerable to denial of service. The fix for CVE-2014-9750 was incomplete which resulted in incorrect value length checks in ntpcrypto.c. A packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker could use a...
Security Bulletin: Multiple vulnerabilities in Network Time Protocol (NTP) affect PowerKVM
Summary PowerKVM is affected by several vulnerabilities in Network Time Protocol NTP. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2014-9297 DESCRIPTION: Network Time Protocol NTP Project NTP daemon ntpd could allow a remote attacker to conduct spoofing attacks, caused by...
Security Bulletin: IBM Pure Power Integrated Manager (PPIM) is affected by vulnerabilities in ntp (CVE-2014-9750, CVE-2014-9751)
Summary Security vulnerabilities have been discovered in ntp embedded in the IBM PPIM. This bulletin addresses these issues. Vulnerability Details CVEID: CVE-2014-9750 DESCRIPTION: NTP NTPd could allow a remote attacker to obtain sensitive information, caused by an error in ntpcrypto.c when Autok...
Code injection
The cryptoxmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service crash. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750...
Code injection
The cryptoxmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service crash. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750...
Scientific Linux Security Update : ntp on SL7.x x86_64 (20161103)
Security Fixes : - It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntpcrypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker coul...
Moderate: Red Hat Security Advisory: ntp security and bug fix update
An update for ntp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...
Scientific Linux Security Update : ntp on SL6.x i386/x86_64 (20160510)
Security Fixes : - It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntpcrypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker coul...
ntp, ntpdate security update
CentOS Errata and Security Advisory CESA-2016:0780 An update for ntp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...
CentOS 7 : ntp (CESA-2015:2231)
Updated ntp packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Oracle: Security Advisory (ELSA-2015-2231)
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
RedHat Update for ntp RHSA-2015:2231-04
The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Debian DSA-3388-1 : ntp - security update
Several vulnerabilities were discovered in the Network Time Protocol daemon and utility programs : - CVE-2015-5146 A flaw was found in the way ntpd processed certain remote configuration packets. An attacker could use a specially crafted package to cause ntpd to crash if : - ntpd enabled remote...
UBUNTU-CVE-2015-7692
The cryptoxmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service crash. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750...