17 matches found
Linux Distros Unpatched Vulnerability : CVE-2015-7976
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows...
K21230183: NTP vulnerability CVE-2015-7976
Security Advisory Description The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename. CVE-2015-7976 Impact A remote user who uses the ntp...
SUSE: Security Advisory (SUSE-SU-2016:1175-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:2094-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:1247-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1719)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1323)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1230)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-2066)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
DEBIAN-CVE-2015-7976
The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename...
CVE-2015-7976
CVE-2015-7976 affects the ntpq saveconfig command in the NTP reference implementation (ntpd/ntpq) across multiple 4.x branches (e.g., 4.1.2, 4.2.x prior to 4.2.8p6, and 4.3.x). The underlying flaw is that saveconfig does not properly filter special characters in filenames, enabling an attacker to...
SUSE SLES11 Security Update : ntp (SUSE-SU-2016:1311-1)
This network time protocol server ntp was updated to 4.2.8p6 to fix the following issues : Also yast2-ntp-client was updated to match some sntp syntax changes. bsc937837 Major functional changes : - The 'sntp' commandline tool changed its option handling in a major way. - 'controlkey 1' is added...
openSUSE: Security Advisory for ntp (openSUSE-SU-2016:1292-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security update for ntp (important)
ntp was updated to version 4.2.8p6 to fix 12 security issues. Also yast2-ntp-client was updated to match some sntp syntax changes. bsc937837 These security issues were fixed: - CVE-2015-8158: Fixed potential infinite loop in ntpq bsc962966. - CVE-2015-8138: Zero Origin Timestamp Bypass bsc963002....
SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2016:1247-1)
ntp was updated to version 4.2.8p6 to fix 28 security issues. Major functional changes : - The 'sntp' commandline tool changed its option handling in a major way, some options have been renamed or dropped. - 'controlkey 1' is added during update to ntp.conf to allow sntp to work. - The local cloc...
ntp -- multiple vulnerabilities
Network Time Foundation reports: NTF's NTP Project has been notified of the following low- and medium-severity vulnerabilities that are fixed in ntp-4.2.8p6, released on Tuesday, 19 January 2016: Bug 2948 / CVE-2015-8158: Potential Infinite Loop in ntpq. Reported by Cisco ASIG. Bug 2945 /...
CVE-2015-7976
The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename...