Lucene search
K

34 matches found

Tenable Nessus
Tenable Nessus
added 2023/11/15 12:0 a.m.24 views

Rockwell Automation Stratix Denial of Service CRYPTO_ASSOC Memory Leak (CVE-2015-7701)

Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service DoS condition or modify the time being advertised by a device acting as a...

7.5CVSS7.2AI score0.06519EPSS
Exploits0References4
F5 Networks
F5 Networks
added 2023/02/21 8:0 p.m.38 views

K17517: NTP vulnerability CVE-2015-7701

Security Advisory Description Memory leak in the CRYPTOASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service memory consumption. CVE-2015-7701 Impact An attacker could send packets tontpd that may, after several days of...

7.5CVSS7.8AI score0.06519EPSS
Exploits0Affected Software22
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2016:2094-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.81762EPSS
Exploits20References2
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:45 p.m.55 views

Security Bulletin: IBM Security Access Manager for Mobile is affected by vulnerabilities in NTP

Summary The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. IBM Security Access Manager for Mobile is...

7.5CVSS1.1AI score0.15081EPSS
Exploits6Affected Software1
IBM Security Bulletins
IBM Security Bulletins
added 2018/06/16 9:45 p.m.55 views

Security Bulletin: Multiple Security Vulnerabilities fixed in IBM Security Privileged Identity Manager

Summary There were multiple security vulnerabilities fixed in the IBM Security Privileged Identity Manager Product Vulnerability Details CVEID: CVE-2016-2996 DESCRIPTION: IBM Security Privileged Identity Manager Virtual Appliance could allow an authenticated user to append lines to any file on th...

8.2CVSS0.9AI score0.25737EPSS
Exploits8Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/08/09 12:0 a.m.65 views

AIX NTP v4 Advisory : ntp_advisory4.asc (IV79954) (IV79954)

The remote AIX host has a version of Network Time Protocol NTP installed that is affected by the following vulnerabilities : - A divide-by-zero error exists in file include/ntp.h when handling LOGTOD and ULOGTOD macros in a crafted NTP packet. An unauthenticated, remote attacker can exploit this,...

9.8CVSS6.3AI score0.31068EPSS
Exploits4References9
Tenable Nessus
Tenable Nessus
added 2017/08/09 12:0 a.m.66 views

AIX NTP v3 Advisory : ntp_advisory4.asc (IV79942) (IV79943) (IV79944) (IV79945) (IV79946)

The remote AIX host has a version of Network Time Protocol NTP installed that is affected by the following vulnerabilities : - A divide-by-zero error exists in file include/ntp.h when handling LOGTOD and ULOGTOD macros in a crafted NTP packet. An unauthenticated, remote attacker can exploit this,...

9.8CVSS6.3AI score0.31068EPSS
Exploits4References9
CVE
CVE
added 2017/08/07 8:0 p.m.196 views

CVE-2015-7701

CVE-2015-7701 involves a memory leak in ntpd’s CRYPTO_ASSOC when autokey is enabled. Affected: ntpd in NTP 4.2.x before 4.2.8p4 and 4.3.x before 4.3.77. Impact: potential denial of service due to memory exhaustion. Remediation: upgrade to fixed ntp releases (e.g., 4.2.8p4+ or 4.3.77+); or disable...

7.5CVSS8.2AI score0.06519EPSS
Exploits0References10Affected Software1
Cvelist
Cvelist
added 2017/08/07 8:0 p.m.24 views

CVE-2015-7701

Memory leak in the CRYPTOASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service memory consumption...

8.3AI score0.06519EPSS
Exploits0References10
Tenable Nessus
Tenable Nessus
added 2016/12/15 12:0 a.m.62 views

Scientific Linux Security Update : ntp on SL7.x x86_64 (20161103)

Security Fixes : - It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntpcrypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker coul...

7.7CVSS7.3AI score0.12282EPSS
Exploits1References18
Oracle linux
Oracle linux
added 2016/11/09 12:0 a.m.64 views

ntp security and bug fix update

4.2.6p5-25.0.1 - add disable monitor to default ntp.conf CVE-2013-5211 4.2.6p5-25 - don't allow spoofed packet to enable symmetric interleaved mode CVE-2016-1548 - check mode of new source in config command CVE-2016-2518 - make MAC check resilient against timing attack CVE-2016-1550 4.2.6p5-24 -...

7.7CVSS1.7AI score0.97549EPSS
Exploits31
Tenable Nessus
Tenable Nessus
added 2016/06/09 12:0 a.m.47 views

Scientific Linux Security Update : ntp on SL6.x i386/x86_64 (20160510)

Security Fixes : - It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntpcrypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker coul...

7.5CVSS7.3AI score0.12282EPSS
Exploits0References14
Tenable Nessus
Tenable Nessus
added 2016/05/25 12:0 a.m.26 views

F5 Networks BIG-IP : NTP vulnerability (K17517)

Memory leak in the CRYPTOASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service memory consumption. CVE-2015-7701 Impact An attacker could send packets to ntpd that may, after several days of ongoing attack, cause it to run...

7.5CVSS7.5AI score0.06519EPSS
Exploits0References3
Tenable Nessus
Tenable Nessus
added 2016/05/19 12:0 a.m.45 views

SUSE SLES11 Security Update : ntp (SUSE-SU-2016:1311-1)

This network time protocol server ntp was updated to 4.2.8p6 to fix the following issues : Also yast2-ntp-client was updated to match some sntp syntax changes. bsc937837 Major functional changes : - The 'sntp' commandline tool changed its option handling in a major way. - 'controlkey 1' is added...

9.8CVSS6.9AI score0.81762EPSS
Exploits13References98
Tenable Nessus
Tenable Nessus
added 2016/05/17 12:0 a.m.51 views

CentOS 6 : ntp (CESA-2016:0780)

An update for ntp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

7.5CVSS7.2AI score0.12282EPSS
Exploits0References13
Cent OS
Cent OS
added 2016/05/16 10:19 a.m.89 views

ntp, ntpdate security update

CentOS Errata and Security Advisory CESA-2016:0780 An update for ntp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity...

7.5CVSS7.2AI score0.12282EPSS
Exploits0References7
Tenable Nessus
Tenable Nessus
added 2016/05/16 12:0 a.m.51 views

Oracle Linux 6 : ntp (ELSA-2016-0780)

The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0780 advisory. - don't accept server/peer packets with zero origin timestamp CVE-2015-8138 - fix crash with reslist command CVE-2015-7977, CVE-2015-7978 - fix crash...

7.5CVSS6.7AI score0.12282EPSS
Exploits2References12
Tenable Nessus
Tenable Nessus
added 2016/05/12 12:0 a.m.49 views

RHEL 6 : ntp (RHSA-2016:0780)

The remote Redhat Enterprise Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the RHSA-2016:0780 advisory. The Network Time Protocol NTP is used to synchronize a computer's time with another referenced time source. These packages include the ntpd...

7.5CVSS7.4AI score0.12282EPSS
Exploits0References26
OpenVAS
OpenVAS
added 2016/05/11 12:0 a.m.60 views

RedHat Update for ntp RHSA-2016:0780-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

7.5CVSS7.3AI score0.12282EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2016/05/10 6:35 p.m.94 views

Moderate: Red Hat Security Advisory: ntp security and bug fix update

An update for ntp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

7.5CVSS7.2AI score0.12282EPSS
Exploits0References13
Rows per page
Query Builder