38 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-5219
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote...
Security Bulletin: Vulnerability in ntp affects IBM Integrated Management Module II (IMM2) for System x, Flex and BladeCenter systems (CVE-2015-5219)
Summary A vulnerability in ntp affects IBM Integrated Management Module II IMM2 for System x, Flex and BladeCenter systems. Vulnerability Details Summary A vulnerability in ntp affects IBM Integrated Management Module II IMM2 for System x, Flex and BladeCenter systems. Vulnerability Details:...
Debian: Security Advisory (DLA-335-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K60352002: SNTP vulnerability CVE-2015-5219
Security Advisory Description SNTP processing would enter into an infinite loop when a crafted NTP packet was received. CVE-2015-5219 Impact An attacker may be able to cause a denial-of-service DoS to the system by crafting a special NTP packet. Security Advisory Status F5 Product Development has...
SUSE: Security Advisory (SUSE-SU-2016:3193-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:1311-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: IBM Security Access Manager for Mobile is affected by vulnerabilities in NTP
Summary The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. IBM Security Access Manager for Mobile is...
Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Privileged Identity Manager
Summary There were multiple security vulnerabilities fixed in the IBM Security Privileged Identity Manager Product Vulnerability Details CVEID: CVE-2016-2996 DESCRIPTION: IBM Security Privileged Identity Manager Virtual Appliance could allow an authenticated user to append lines to any file on th...
AIX NTP v3 Advisory : ntp_advisory4.asc (IV79942) (IV79943) (IV79944) (IV79945) (IV79946)
The remote AIX host has a version of Network Time Protocol NTP installed that is affected by the following vulnerabilities : - A divide-by-zero error exists in file include/ntp.h when handling LOGTOD and ULOGTOD macros in a crafted NTP packet. An unauthenticated, remote attacker can exploit this,...
AIX NTP v4 Advisory : ntp_advisory4.asc (IV79954) (IV79954)
The remote AIX host has a version of Network Time Protocol NTP installed that is affected by the following vulnerabilities : - A divide-by-zero error exists in file include/ntp.h when handling LOGTOD and ULOGTOD macros in a crafted NTP packet. An unauthenticated, remote attacker can exploit this,...
CVE-2015-5219
The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service infinite loop via a crafted NTP packet...
CVE-2015-5219
CVE-2015-5219 affects the Network Time Protocol (NTP) SNTP components, specifically the sntp utility, prior to version 4.2.7p366. The root cause is an incorrect type conversion in the ULOGTOD function (precision → double) which can cause a crafted NTP packet to trigger an infinite loop in sntp, l...
SUSE SLES11 Security Update : ntp (SUSE-SU-2017:0255-1)
This update for ntp fixes the following issues: ntp was updated to 4.2.8p9. Security issues fixed : - CVE-2016-9311, CVE-2016-9310, bsc1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. - CVE-2016-7427, bsc1011390: Broadcast Mode Replay Prevention DoS. - CVE-2016-7428,...
openSUSE Security Update : ntp (openSUSE-2016-1525)
This update for ntp fixes the following issues : ntp was updated to 4.2.8p9. Security issues fixed : - CVE-2016-9311, CVE-2016-9310, bsc1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. - CVE-2016-7427, bsc1011390: Broadcast Mode Replay Prevention DoS. - CVE-2016-7428,...
SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2016:3195-1)
This update for ntp fixes the following issues: ntp was updated to 4.2.8p9. Security issues fixed : - CVE-2016-9311, CVE-2016-9310, bsc1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. - CVE-2016-7427, bsc1011390: Broadcast Mode Replay Prevention DoS. - CVE-2016-7428,...
SUSE SLES12 Security Update : ntp (SUSE-SU-2016:3196-1)
This update for ntp fixes the following issues: ntp was updated to 4.2.8p9. Security issues fixed : - CVE-2016-9311, CVE-2016-9310, bsc1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. - CVE-2016-7427, bsc1011390: Broadcast Mode Replay Prevention DoS. - CVE-2016-7428,...
SUSE SLES11 Security Update : ntp (SUSE-SU-2016:3193-1)
This update for ntp fixes the following issues : - Simplify ntpd's search for its own executable to prevent AppArmor warnings bsc956365. Security issues fixed update to 4.2.8p9 : - CVE-2016-9311, CVE-2016-9310, bsc1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. -...
Scientific Linux Security Update : ntp on SL7.x x86_64 (20161103)
Security Fixes : - It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntpcrypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker coul...
ntp security and bug fix update
4.2.6p5-25.0.1 - add disable monitor to default ntp.conf CVE-2013-5211 4.2.6p5-25 - don't allow spoofed packet to enable symmetric interleaved mode CVE-2016-1548 - check mode of new source in config command CVE-2016-2518 - make MAC check resilient against timing attack CVE-2016-1550 4.2.6p5-24 -...
Scientific Linux Security Update : ntp on SL6.x i386/x86_64 (20160510)
Security Fixes : - It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntpcrypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker coul...