Linux Distros Unpatched Vulnerability : CVE-2016-7429

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denial of servic...

Slackware: Security Advisory (SSA:2016-326-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:3193-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple vulnerabilities in Open Source NTP and ISC BIND affect IBM Netezza Host Management

Summary Open Source NTP and ISC BIND are used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-9310 DESCRIPTION: NTP is vulnerable to a denial of service, caused by an error in the control mode mode 6 functionalit...

NewStart CGSL MAIN 4.05 : ntp Multiple Vulnerabilities (NS-SA-2019-0114)

The remote NewStart CGSL host, running version MAIN 4.05, has ntp packages installed that are affected by multiple vulnerabilities: - It was found that when ntp is configured with rate limiting for all associations the limits are also applied to responses received from its configured sources. A...

Photon OS 1.0: Ntpstat PHSA-2017-0003

An update of the ntpstat package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0003. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121669;...

Security Bulletin: Vulnerabilities in NTP affect IBM Flex System Chassis Management Module (CMM)

Summary IBM Chassis Management Module CMM has addressed the following vulnerabilities in NTP. Vulnerability Details Summary IBM Chassis Management Module CMM has addressed the following vulnerabilities in NTP. Vulnerability Details: CVEID: CVE-2016-7426 Description: NTP is vulnerable to a denial ...

Security Bulletin: IBM Security Access Manager appliances are affected by multiple Network Time Protocol (NTP) vulnerabilities

Summary IBM Security Access Manager has addressed the following vulnerabilities that have been identified in Network Time Protocol NTP. Vulnerability Details CVEID: CVE-2016-7426 DESCRIPTION: NTP is vulnerable to a denial of service, caused by the improper handling of invalid server responses. By...

Security Bulletin: Multiple vulnerabilities in NTP affect IBM Security Network Protection

Summary There are multiple vulnerabilities in NTP that is used by IBM Security Network Protection. These vulnerabilities include CVE-2016-7426, CVE-2016-7433, CVE-2016-9310, CVE-2016-9311, and CVE-2016-7429. Vulnerability Details CVEID: CVE-2016-7426 DESCRIPTION: NTP is vulnerable to a denial of...

Ubuntu 14.04 LTS / 16.04 LTS : NTP vulnerabilities (USN-3349-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3349-1 advisory. Yihan Lian discovered that NTP incorrectly handled certain large request data values. A remote attacker could possibly use this issue to caus...

USN-3349-1: NTP vulnerabilities

Yihan Lian discovered that NTP incorrectly handled certain large request data values. A remote attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2016-2519 Miroslav Lichvar discovered that NTP incorrectly...

OracleVM 3.3 / 3.4 : ntp (OVMSA-2017-0038)

The remote OracleVM system is missing necessary patches to address critical security updates : - add disable monitor to default ntp.conf CVE-2013-5211 - don't limit rate of packets from sources CVE-2016-7426 - don't change interface from received packets CVE-2016-7429 - fix calculation of root...

Oracle Linux 6 / 7 : ntp (ELSA-2017-0252)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0252 advisory. - don't limit rate of packets from sources CVE-2016-7426 - don't change interface from received packets CVE-2016-7429 - fix calculation of root...

CentOS 6 / 7 : ntp (CESA-2017:0252)

An update for ntp is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

RedHat Update for ntp RHSA-2017:0252-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE SLES11 Security Update : ntp (SUSE-SU-2017:0255-1)

This update for ntp fixes the following issues: ntp was updated to 4.2.8p9. Security issues fixed : - CVE-2016-9311, CVE-2016-9310, bsc1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. - CVE-2016-7427, bsc1011390: Broadcast Mode Replay Prevention DoS. - CVE-2016-7428,...

DEBIAN-CVE-2016-7429

NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denial of service prevent communication with a source by sending a response for a source to an interface the source does not use...

CVE-2016-7429

CVE-2016-7429 affects ntpd where, if a server response arrives on a socket tied to a different interface than the request, ntpd may update the peer to use that interface. An attacker with spoofed source addresses can cause ntpd to fail to synchronize with the intended source, effectively enabling...

Amazon Linux AMI : ntp (ALAS-2017-781)

The following security-related issues were resolved : CVE-2016-7426 : Client rate limiting and server responses CVE-2016-7429 : Attack on interface selection CVE-2016-7433 : Broken initial sync calculations regression CVE-2016-9310 : Mode 6 unauthenticated trap information disclosure and DDoS...

Medium: ntp

Issue Overview: The following security-related issues were resolved: CVE-2016-7426: Client rate limiting and server responses CVE-2016-7429: Attack on interface selection CVE-2016-7433: Broken initial sync calculations regression CVE-2016-9310: Mode 6 unauthenticated trap information disclosure a...