Lucene search
K

29 matches found

Tenable Nessus
Tenable Nessus
added 2023/11/15 12:0 a.m.27 views

Rockwell Automation Stratix NTP Authentication bypass (CVE-2015-1798)

A vulnerability in the message authentication code MAC validation routine of ntpd could allow an unauthenticated, remote attacker to bypass the NTP authentication feature. The vulnerability is due to incorrect validation of the MAC field. An attacker could exploit this vulnerability by sending...

1.8CVSS6.7AI score0.02219EPSS
Exploits0References4
OpenVAS
OpenVAS
added 2023/03/08 12:0 a.m.29 views

Debian: Security Advisory (DLA-192-1)

The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.7AI score0.05292EPSS
Exploits0References3
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2016:2094-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.81762EPSS
Exploits20References2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/18 1:30 a.m.23 views

Security Bulletin: Multiple vulnerabilities in Network Time Protocol (NTP) affect PowerKVM

Summary PowerKVM is affected by several vulnerabilities in Network Time Protocol NTP. These vulnerabilities are now fixed. Vulnerability Details CVEID: CVE-2014-9297 DESCRIPTION: Network Time Protocol NTP Project NTP daemon ntpd could allow a remote attacker to conduct spoofing attacks, caused by...

7.5CVSS0.8AI score0.06255EPSS
Exploits2Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:38 p.m.50 views

Security Bulletin: IBM Security Access Manager for Web is affected by multiple NTP vulnerabilities

Summary The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. IBM Security Access Manager for Web uses NTP and is affected by multiple NTP vulnerabilities. Vulnerability Details CVEID: CVE-2014-9297 DESCRIPTION: Network Time Protocol NTP Proje...

7.5CVSS0.9AI score0.05292EPSS
Exploits0Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:30 p.m.63 views

Security Bulletin: Vulnerabilities in NTP affect IBM Security Network Protection (CVE-2015-1798, CVE-2015-1799, and CVE-2015-3405)

Summary Security vulnerabilities have been discovered in NTP used with IBM Security Network Protection. Vulnerability Details CVEID: CVE-2015-1798 DESCRIPTION: Network Time Protocol NTP Project NTP daemon ntpd could allow a remote attacker to bypass security restrictions, caused by the acceptance...

7.5CVSS0.5AI score0.05292EPSS
Exploits0Affected Software1
OpenVAS
OpenVAS
added 2016/05/10 12:0 a.m.44 views

Multiple Vulnerabilities in ntpd (April 2015) Affecting Cisco Products (cisco-sa-20150408-ntpd)

Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to bypass authentication controls or to create a denial of service DoS condition. On April 7, 2015, NTP.org...

4.3CVSS7.2AI score0.02219EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/12/02 12:0 a.m.51 views

CentOS 7 : ntp (CESA-2015:2231)

Updated ntp packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

7.5CVSS6.7AI score0.06135EPSS
Exploits0References9
OpenVAS
OpenVAS
added 2015/11/24 12:0 a.m.37 views

Oracle: Security Advisory (ELSA-2015-2231)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.1095EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/11/20 12:0 a.m.59 views

RHEL 7 : ntp (RHSA-2015:2231)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:2231 advisory. The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. These packages include the ntpd...

7.5CVSS6.9AI score0.06135EPSS
Exploits0References20
OpenVAS
OpenVAS
added 2015/11/20 12:0 a.m.31 views

RedHat Update for ntp RHSA-2015:2231-04

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.8AI score0.06135EPSS
Exploits0References2
OpenVAS
OpenVAS
added 2015/09/08 12:0 a.m.27 views

Amazon Linux: Security Advisory (ALAS-2015-520)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.9AI score0.02219EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2015/07/28 12:0 a.m.52 views

CentOS 6 : ntp (CESA-2015:1459)

Updated ntp packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...

7.5CVSS6.8AI score0.06135EPSS
Exploits0References9
Tenable Nessus
Tenable Nessus
added 2015/07/23 12:0 a.m.57 views

RHEL 6 : ntp (RHSA-2015:1459)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2015:1459 advisory. The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. It was found that because NTP's...

7.5CVSS7AI score0.06135EPSS
Exploits0References23
OpenVAS
OpenVAS
added 2015/07/07 12:0 a.m.39 views

Fedora Update for ntp FEDORA-2015-5761

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

4.3CVSS6.8AI score0.02219EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2015/05/07 12:0 a.m.40 views

Amazon Linux AMI : ntp (ALAS-2015-520)

The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC. CVE-2015-1798 The symmetric-key feature ...

4.3CVSS6.2AI score0.02219EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/04/29 12:0 a.m.37 views

Fedora 21 : ntp-4.2.6p5-30.fc21 (2015-5830)

Security fix for CVE-2015-1799, CVE-2015-1798, 1210324 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatically clean and format it as much as possible without introducing additional issues...

7.5CVSS6.3AI score0.05292EPSS
Exploits0References7
OpenVAS
OpenVAS
added 2015/04/29 12:0 a.m.241 views

Fedora Update for ntp FEDORA-2015-5830

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS6.9AI score0.7809EPSS
Exploits4References2
Tenable Nessus
Tenable Nessus
added 2015/04/28 12:0 a.m.61 views

openSUSE Security Update : ntp (openSUSE-2015-330)

NTP was updated to fix two security vulnerabilities : - ntpd could accept unauthenticated packets with symmetric key crypto. CVE-2015-1798 - ntpd authentication did not protect symmetric associations against DoS attacks CVE-2015-1799 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The...

4.3CVSS6.3AI score0.02219EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2015/04/24 12:0 a.m.43 views

F5 Networks BIG-IP : NTP vulnerability (K16505)

The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC. CVE-2015-1798 C Tenable Network Security...

1.8CVSS6.3AI score0.02219EPSS
Exploits0References2
Rows per page
Query Builder