26 matches found
Security Bulletin: Multiple vulnerabilities in Network Time Protocol (NTP) affect IBM Virtualization Engine TS7700 (CVE-2016-7427, CVE-2016-7428, CVE-2016-9310, CVE-2016-9311)
Summary There are multiple vulnerabilities in the Network Time Protocol NTP implementation embedded within the IBM Virtualization Engine TS7700. Vulnerability Details CVEID: CVE-2016-7427 DESCRIPTION: NTP is vulnerable to a denial of service, caused by an error in broadcast mode replay prevention...
Slackware: Security Advisory (SSA:2016-326-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:3193-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2020-2225)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS Virtualization 3.0.2.2 : ntp (EulerOS-SA-2020-2225)
According to the versions of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The monlist feature in ntprequest.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service traffic...
EulerOS 2.0 SP5 : ntp (EulerOS-SA-2020-1611)
According to the versions of the ntp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ntpd in NTP before 4.2.8p9 allows remote attackers to cause a denial of service reject broadcast mode packets via the poll interval in a broadcast...
EulerOS Virtualization for ARM 64 3.0.2.0 : ntp (EulerOS-SA-2020-1547)
According to the versions of the ntp packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The monlist feature in ntprequest.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service...
Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2020-1547)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Photon OS 1.0: Ntpstat PHSA-2017-0003
An update of the ntpstat package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0003. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121669;...
Security Bulletin: Vulnerabilities in NTP affect IBM Flex System Chassis Management Module (CMM)
Summary IBM Chassis Management Module CMM has addressed the following vulnerabilities in NTP. Vulnerability Details Summary IBM Chassis Management Module CMM has addressed the following vulnerabilities in NTP. Vulnerability Details: CVEID: CVE-2016-7426 Description: NTP is vulnerable to a denial ...
Network Time Protocol Broadcast Mode Replay Prevention Denial of Service Vulnerability(CVE-2016-7427)
Summary An exploitable denial of service vulnerability exists in the broadcast mode replay prevention functionality of ntpd. To prevent replay of broadcast mode packets, ntpd rejects broadcast mode packets with non-monotonically increasing transmit timestamps. Remote unauthenticated attackers can...
AIX NTP v3 Advisory : ntp_advisory8.asc (IV92194) (IV91803) (IV92193) (IV91951) (IV92192) (IV92067)
The version of NTP installed on the remote AIX host is affected by the following vulnerabilities : - A denial of service vulnerability exists in the broadcast mode replay prevention functionality. An unauthenticated, adjacent attacker can exploit this, via specially crafted broadcast mode NTP...
Ubuntu 14.04 LTS / 16.04 LTS : NTP vulnerabilities (USN-3349-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3349-1 advisory. Yihan Lian discovered that NTP incorrectly handled certain large request data values. A remote attacker could possibly use this issue to caus...
USN-3349-1: NTP vulnerabilities
Yihan Lian discovered that NTP incorrectly handled certain large request data values. A remote attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2016-2519 Miroslav Lichvar discovered that NTP incorrectly...
AIX NTP v4 Advisory : ntp_advisory8.asc (IV92126) (IV92287)
The version of NTP installed on the remote AIX host is affected by the following vulnerabilities : - A denial of service vulnerability exists in the broadcast mode replay prevention functionality. An unauthenticated, adjacent attacker can exploit this, via specially crafted broadcast mode NTP...
AIX 6.1 TL 9 : ntp (IV91803) (deprecated)
NTPv3 and NTPv4 are vulnerable to : https://vulners.com/cve/CVE-2016-7427 NTP is vulnerable to a denial of service, caused by an error in broadcast mode replay prevention functionality. By sending specially crafted NTP packets, a local attacker could exploit this vulnerability to cause a denial o...
There are multiple vulnerabilities in NTPv3 and NTPv4 that impact AIX.
IBM SECURITY ADVISORY First Issued: Mon Feb 13 15:32:47 CST 2017 |Updated: Mon Oct 2 10:47:12 CDT 2017 |Update 2: Removed bos.net.tcp.ntp from the impacted fileset list for | AIX 7200-01-02. Fileset bos.net.tcp.ntpd is still listed as impacted | for AIX 7200-01-02. The most recent version of this...
SUSE SLES11 Security Update : ntp (SUSE-SU-2017:0255-1)
This update for ntp fixes the following issues: ntp was updated to 4.2.8p9. Security issues fixed : - CVE-2016-9311, CVE-2016-9310, bsc1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. - CVE-2016-7427, bsc1011390: Broadcast Mode Replay Prevention DoS. - CVE-2016-7428,...
CVE-2016-7427
CVE-2016-7427 concerns ntpd’s broadcast mode replay prevention. A remote attacker can cause a denial-of-service by injecting specially crafted broadcast-mode packets into a trusted broadcast domain, leading ntpd to reject legitimate broadcast packets. The entry notes this affects ntpd in NTP vers...
openSUSE Security Update : ntp (openSUSE-2016-1525)
This update for ntp fixes the following issues : ntp was updated to 4.2.8p9. Security issues fixed : - CVE-2016-9311, CVE-2016-9310, bsc1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. - CVE-2016-7427, bsc1011390: Broadcast Mode Replay Prevention DoS. - CVE-2016-7428,...