46 matches found
MiracleLinux 7 : ntp-4.2.6p5-22.1.0.1.el7.AXS7 (AXSA:2016-043:01)
The remote MiracleLinux 7 host has packages installed that are affected by a vulnerability as referenced in the AXSA:2016-043:01 advisory. The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which...
Security Bulletin: Vulnerabilities in NTP affect IBM Flex System FC3171 8Gb SAN Switch & SAN Pass-thru Firmware, QLogic 8Gb Intelligent Pass-thru Module & SAN Switch Module and QLogic Virtual Fabric Extension Module for IBM BladeCenter
Summary The switch firmware deliverables listed below have addressed the applicable NTP CVEs. Vulnerability Details Summary The switch firmware deliverables listed below have addressed the applicable NTP CVEs. Vulnerability Details: CVE-ID: CVE-2014-9750 Description: NTP NTPd could allow a remote...
Debian: Security Advisory (DLA-559-1)
The remote host is missing an update for the Debian SPDX-FileCopyrightText: 2023 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
K71245322: NTP vulnerability CVE-2015-8138
Security Advisory Description NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero. CVE-2015-8138 Impact An attacker may be able to disable time synchronization with the server or push...
SUSE: Security Advisory (SUSE-SU-2016:1175-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:1311-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:2094-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:1247-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Security Bulletin: Multiple Vulnerabilities in NTP and OpenSSL affect IBM Netezza Firmware Diagnostics Tools
Summary NTP and OpenSSL is used by IBM Netezza Firmware Diagnostics Tools. OpenSSL vulnerabilities were disclosed on May 3, 2016 by the OpenSSL Project. IBM Netezza Firmware Diagnostics Tools has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2015-8138 DESCRIPTION: NTP could allo...
Security Bulletin: Vulnerability in NTP affects IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch firmware (CVE-2015-8138)
Summary IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch firmware has addressed the following vulnerability in NTP. Vulnerability Details Summary IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch firmware has addressed the following vulnerability in NTP...
Security Bulletin: IBM Pure Power Integrated Manager (PPIM) is affected by multiple ntp vulnerabilities
Summary Multiple security vulnerabilities have been discovered in ntp embedded in the IBM PPIM. This bulletin addresses these issues. Vulnerability Details CVEID: CVE-2015-8138 DESCRIPTION: NTP could allow a remote attacker to bypass security restrictions. By sending a specially crafted packet wi...
Security Bulletin: IBM Security Access Manager for Web is affected by NTP vulnerabilities (CVE-2015-5300, CVE-2015-7704, CVE-2015-8138)
Summary The Network Time Protocol NTP is used to synchronize a computer's time with a referenced time source. Vulnerabilities that have been identified in NTP affect IBM Security Access Manager for Web. Vulnerability Details CVEID: CVE-2015-5300 DESCRIPTION: Network Time Protocol NTP could allow ...
Security Bulletin: IBM Security Access Manager for Mobile is affected by NTP vulnerabilities (CVE-2015-5300, CVE-2015-7704, CVE-2015-8138)
Summary The Network Time Protocol NTP is used to synchronize a computer's time with a referenced time source. Vulnerabilities that have been identified in NTP affect IBM Security Access Manager for Mobile. Vulnerability Details CVEID: CVE-2015-5300 DESCRIPTION: Network Time Protocol NTP could all...
Security Bulletin: Vulnerabilities in Network Time Protocol (NTP) affect IBM Security Identity Governance Appliance (CVE-2015-5300 CVE-2015-7704 CVE-2015-8138 )
Summary Vulnerabilities in Network Time Protocol NTP that is used by IBM Security Identity Governance Vulnerability Details CVEID: CVE-2015-5300 DESCRIPTION: Network Time Protocol NTP could allow a remote attacker to bypass security restrictions, caused by the failure to correctly implement the...
Security Bulletin: Vulnerabilities in NTP affect IBM Security Network Protection (CVE-2015-5300, CVE-2015-7704, and CVE-2015-8138)
Summary Security vulnerabilities have been discovered in NTP used with IBM Security Network Protection. Vulnerability Details CVEID: CVE-2015-5300 DESCRIPTION: Network Time Protocol NTP could allow a remote attacker to bypass security restrictions, caused by the failure to correctly implement the...
Network Time Protocol Origin Timestamp Check Denial of Service Vulnerability
Summary An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the...
CVE-2015-8138
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero...
CVE-2015-8138
CVE-2015-8138 relates to ntpd, where versions prior to 4.2.8p6 and 4.3.x prior to 4.3.90 allow a remote attacker to bypass origin timestamp validation by sending a packet with origin timestamp set to zero. Connected advisories confirm this is a real issue in ntpd and note it can enable spoofing o...
CVE-2016-7431
NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression...
Design/Logic Flaw
NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression...