38 matches found
EUVD-2018-18926
Malware in sbrugna...
Rockwell Automation Stratix Denial of Service by Spoofed Kiss-o'-Death (CVE-2015-7704)
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service DoS condition or modify the time being advertised by a device acting as a...
SUSE: Security Advisory (SUSE-SU-2016:2094-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:1278-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
NTP Kiss-o-Death Packet Denial of Service - Ver2 (CVE-2015-7704)
A denial-of-service vulnerability exists in NTP Patch. Successful exploitation of this vulnerability could allow an attacker to create a denial of service condition on the affected system...
Security Bulletin: IBM Security Access Manager for Web is affected by NTP vulnerabilities (CVE-2015-5300, CVE-2015-7704, CVE-2015-8138)
Summary The Network Time Protocol NTP is used to synchronize a computer's time with a referenced time source. Vulnerabilities that have been identified in NTP affect IBM Security Access Manager for Web. Vulnerability Details CVEID: CVE-2015-5300 DESCRIPTION: Network Time Protocol NTP could allow ...
Security Bulletin: IBM Security Access Manager for Mobile is affected by NTP vulnerabilities (CVE-2015-5300, CVE-2015-7704, CVE-2015-8138)
Summary The Network Time Protocol NTP is used to synchronize a computer's time with a referenced time source. Vulnerabilities that have been identified in NTP affect IBM Security Access Manager for Mobile. Vulnerability Details CVEID: CVE-2015-5300 DESCRIPTION: Network Time Protocol NTP could all...
Security Bulletin: Vulnerabilities in Network Time Protocol (NTP) affect IBM Security Identity Governance Appliance (CVE-2015-5300 CVE-2015-7704 CVE-2015-8138 )
Summary Vulnerabilities in Network Time Protocol NTP that is used by IBM Security Identity Governance Vulnerability Details CVEID: CVE-2015-5300 DESCRIPTION: Network Time Protocol NTP could allow a remote attacker to bypass security restrictions, caused by the failure to correctly implement the...
Security Bulletin: Vulnerabilities in NTP affect IBM Security Network Protection (CVE-2015-5300, CVE-2015-7704, and CVE-2015-8138)
Summary Security vulnerabilities have been discovered in NTP used with IBM Security Network Protection. Vulnerability Details CVEID: CVE-2015-5300 DESCRIPTION: Network Time Protocol NTP could allow a remote attacker to bypass security restrictions, caused by the failure to correctly implement the...
CVE-2015-7704
CVE-2015-7704 describes a denial-of-service in ntpd caused by handling of Kiss-of-Death (KoD) messages. The issue arises from KoD processing that could delay or stop querying time sources. Affected software: ntpd in NTP 4.x prior to 4.2.8p4 and 4.3.x prior to 4.3.77. Impact: unauthenticated remot...
Citrix XenServer Multiple Security Updates (CTX220112)
Several security issues have been identified within Citrix XenServer. SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE =...
openSUSE: Security Advisory for ntp (openSUSE-SU-2016:1329-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : ntp (SUSE-SU-2016:1311-1)
This network time protocol server ntp was updated to 4.2.8p6 to fix the following issues : Also yast2-ntp-client was updated to match some sntp syntax changes. bsc937837 Major functional changes : - The 'sntp' commandline tool changed its option handling in a major way. - 'controlkey 1' is added...
SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2016:1291-1)
This update for ntp to 4.2.8p7 fixes the following issues : - CVE-2016-1547, bsc977459: Validate crypto-NAKs, AKA: CRYPTO-NAK DoS. - CVE-2016-1548, bsc977461: Interleave-pivot - CVE-2016-1549, bsc977451: Sybil vulnerability: ephemeral association attack. - CVE-2016-1550, bsc977464: Improve NTP...
Oracle Linux 6 : ntp (ELSA-2016-0780)
The remote Oracle Linux 6 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2016-0780 advisory. - don't accept server/peer packets with zero origin timestamp CVE-2015-8138 - fix crash with reslist command CVE-2015-7977, CVE-2015-7978 - fix crash...
SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2016:1247-1)
ntp was updated to version 4.2.8p6 to fix 28 security issues. Major functional changes : - The 'sntp' commandline tool changed its option handling in a major way, some options have been renamed or dropped. - 'controlkey 1' is added during update to ntp.conf to allow sntp to work. - The local cloc...
ntp -- multiple vulnerabilities
Network Time Foundation reports: NTF's NTP Project has been notified of the following low- and medium-severity vulnerabilities that are fixed in ntp-4.2.8p7, released on Tuesday, 26 April 2016: Bug 3020 / CVE-2016-1551: Refclock impersonation vulnerability, AKA: refclock-peering. Reported by Matt...
Fedora 21 : ntp (2015-77bfbc1bcd)
The remote Fedora 21 host has a package installed that is affected by multiple vulnerabilities as referenced in the FEDORA-2015-77bfbc1bcd advisory. Security fix for CVE-2015-7704, CVE-2015-5300, CVE-2015-7692, CVE-2015-7871, CVE-2015-7702, CVE-2015-7691, CVE-2015-7852, CVE-2015-7701 ---- Securit...
Fedora 23 : ntp-4.2.6p5-34.fc23 (2015-f5f5ec7b6b)
Security fix for CVE-2015-7704, CVE-2015-5300, CVE-2015-7692, CVE-2015-7871, CVE-2015-7702, CVE-2015-7691, CVE-2015-7852, CVE-2015-7701 Note that Tenable Network Security has extracted the preceding description block directly from the Fedora security advisory. Tenable has attempted to automatical...
Fedora 22 : ntp-4.2.6p5-36.fc22 (2016-34bc10a2c8)
Security fix for CVE-2015-7974, CVE-2015-8138, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8158 ---- Security fix for CVE-2015-7704, CVE-2015-5300, CVE-2015-7692, CVE-2015-7871, CVE-2015-7702, CVE-2015-7691, CVE-2015-7852, CVE-2015-7701 Note that Tenable Network Security has extracted t...