17 matches found
Slackware: Security Advisory (SSA:2016-326-01)
The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2016:3193-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Photon OS 1.0: Ntpstat PHSA-2017-0003
An update of the ntpstat package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0003. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121669;...
Security Bulletin: Vulnerabilities in NTP affect IBM Flex System Chassis Management Module (CMM)
Summary IBM Chassis Management Module CMM has addressed the following vulnerabilities in NTP. Vulnerability Details Summary IBM Chassis Management Module CMM has addressed the following vulnerabilities in NTP. Vulnerability Details: CVEID: CVE-2016-7426 Description: NTP is vulnerable to a denial ...
Ubuntu 14.04 LTS / 16.04 LTS : NTP vulnerabilities (USN-3349-1)
The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3349-1 advisory. Yihan Lian discovered that NTP incorrectly handled certain large request data values. A remote attacker could possibly use this issue to caus...
USN-3349-1: NTP vulnerabilities
Yihan Lian discovered that NTP incorrectly handled certain large request data values. A remote attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2016-2519 Miroslav Lichvar discovered that NTP incorrectly...
Network Time Protocol Origin Timestamp Check Denial of Service Vulnerability
Summary An exploitable denial of service vulnerability exists in the origin timestamp check functionality of ntpd 4.2.8p9. A specially crafted unauthenticated network packet can be used to reset the expected origin timestamp for target peers. Legitimate replies from targeted peers will fail the...
SUSE SLES11 Security Update : ntp (SUSE-SU-2017:0255-1)
This update for ntp fixes the following issues: ntp was updated to 4.2.8p9. Security issues fixed : - CVE-2016-9311, CVE-2016-9310, bsc1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. - CVE-2016-7427, bsc1011390: Broadcast Mode Replay Prevention DoS. - CVE-2016-7428,...
CVE-2016-7431
NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression...
CVE-2016-7431
CVE-2016-7431 is a documented zero-origin-timestamp bypass in ntpd. A regression after fix for CVE-2015-8138 allowed some zero-origin timestamps to bypass origin timestamp validation. Affected in ntpd upstream releases prior to 4.2.8p9; Cloud Foundry and Arch Linux advisories describe persistent ...
CVE-2016-7431
NTP before 4.2.8p9 allows remote attackers to bypass the origin timestamp protection mechanism via an origin timestamp of zero. NOTE: this vulnerability exists because of a CVE-2015-8138 regression...
openSUSE Security Update : ntp (openSUSE-2016-1525)
This update for ntp fixes the following issues : ntp was updated to 4.2.8p9. Security issues fixed : - CVE-2016-9311, CVE-2016-9310, bsc1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. - CVE-2016-7427, bsc1011390: Broadcast Mode Replay Prevention DoS. - CVE-2016-7428,...
FreeBSD : FreeBSD -- Multiple vulnerabilities of ntp (fcedcdbb-c86e-11e6-b1cf-14dae9d210b8)
Multiple vulnerabilities have been discovered in the NTP suite : CVE-2016-9311: Trap crash, Reported by Matthew Van Gundy of Cisco ASIG. CVE-2016-9310: Mode 6 unauthenticated trap information disclosure and DDoS vector. Reported by Matthew Van Gundy of Cisco ASIG. CVE-2016-7427: Broadcast Mode...
SUSE SLES12 Security Update : ntp (SUSE-SU-2016:3196-1)
This update for ntp fixes the following issues: ntp was updated to 4.2.8p9. Security issues fixed : - CVE-2016-9311, CVE-2016-9310, bsc1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. - CVE-2016-7427, bsc1011390: Broadcast Mode Replay Prevention DoS. - CVE-2016-7428,...
SUSE SLES11 Security Update : ntp (SUSE-SU-2016:3193-1)
This update for ntp fixes the following issues : - Simplify ntpd's search for its own executable to prevent AppArmor warnings bsc956365. Security issues fixed update to 4.2.8p9 : - CVE-2016-9311, CVE-2016-9310, bsc1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. -...
SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2016:3195-1)
This update for ntp fixes the following issues: ntp was updated to 4.2.8p9. Security issues fixed : - CVE-2016-9311, CVE-2016-9310, bsc1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. - CVE-2016-7427, bsc1011390: Broadcast Mode Replay Prevention DoS. - CVE-2016-7428,...
NTP.org ntpd contains multiple denial of service vulnerabilities
Overview NTP.org ntpd versions ntp-4.2.7p385 up to but not including ntp-4.2.8p9 and ntp-4.3.0 up to but not including ntp-4.3.94 contain multiple denial of service vulnerabilities. Description NTP.org's ntpd, versions ntp-4.2.7p385 up to but not including ntp-4.2.8p9 and ntp-4.3.0 up to but not...