Slackware: Security Advisory (SSA:2016-326-01)

The remote host is missing an update for the SPDX-FileCopyrightText: 2022 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

SUSE: Security Advisory (SUSE-SU-2016:3193-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Security Bulletin: Multiple vulnerabilities in Open Source NTP and ISC BIND affect IBM Netezza Host Management

Summary Open Source NTP and ISC BIND are used by IBM Netezza Host Management. IBM Netezza Host Management has addressed the applicable CVEs. Vulnerability Details CVEID: CVE-2016-9310 DESCRIPTION: NTP is vulnerable to a denial of service, caused by an error in the control mode mode 6 functionalit...

NewStart CGSL MAIN 4.05 : ntp Multiple Vulnerabilities (NS-SA-2019-0114)

The remote NewStart CGSL host, running version MAIN 4.05, has ntp packages installed that are affected by multiple vulnerabilities: - It was found that when ntp is configured with rate limiting for all associations the limits are also applied to responses received from its configured sources. A...

Photon OS 1.0: Ntpstat PHSA-2017-0003

An update of the ntpstat package has been released. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from VMware Security Advisory PHSA-2017-0003. The text itself is copyright C VMware, Inc. include'compat.inc'; if description scriptid121669;...

Security Bulletin: Vulnerabilities in NTP affect IBM Flex System Chassis Management Module (CMM)

Summary IBM Chassis Management Module CMM has addressed the following vulnerabilities in NTP. Vulnerability Details Summary IBM Chassis Management Module CMM has addressed the following vulnerabilities in NTP. Vulnerability Details: CVEID: CVE-2016-7426 Description: NTP is vulnerable to a denial ...

Security Bulletin: IBM Security Access Manager appliances are affected by multiple Network Time Protocol (NTP) vulnerabilities

Summary IBM Security Access Manager has addressed the following vulnerabilities that have been identified in Network Time Protocol NTP. Vulnerability Details CVEID: CVE-2016-7426 DESCRIPTION: NTP is vulnerable to a denial of service, caused by the improper handling of invalid server responses. By...

Security Bulletin: Multiple vulnerabilities in NTP affect IBM Security Network Protection

Summary There are multiple vulnerabilities in NTP that is used by IBM Security Network Protection. These vulnerabilities include CVE-2016-7426, CVE-2016-7433, CVE-2016-9310, CVE-2016-9311, and CVE-2016-7429. Vulnerability Details CVEID: CVE-2016-7426 DESCRIPTION: NTP is vulnerable to a denial of...

Ubuntu 14.04 LTS / 16.04 LTS : NTP vulnerabilities (USN-3349-1)

The remote Ubuntu 14.04 LTS / 16.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-3349-1 advisory. Yihan Lian discovered that NTP incorrectly handled certain large request data values. A remote attacker could possibly use this issue to caus...

USN-3349-1: NTP vulnerabilities

Yihan Lian discovered that NTP incorrectly handled certain large request data values. A remote attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. CVE-2016-2519 Miroslav Lichvar discovered that NTP incorrectly...

OracleVM 3.3 / 3.4 : ntp (OVMSA-2017-0038)

The remote OracleVM system is missing necessary patches to address critical security updates : - add disable monitor to default ntp.conf CVE-2013-5211 - don't limit rate of packets from sources CVE-2016-7426 - don't change interface from received packets CVE-2016-7429 - fix calculation of root...

RedHat Update for ntp RHSA-2017:0252-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Oracle Linux 6 / 7 : ntp (ELSA-2017-0252)

The remote Oracle Linux 6 / 7 host has packages installed that are affected by multiple vulnerabilities as referenced in the ELSA-2017-0252 advisory. - don't limit rate of packets from sources CVE-2016-7426 - don't change interface from received packets CVE-2016-7429 - fix calculation of root...

CentOS 6 / 7 : ntp (CESA-2017:0252)

An update for ntp is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...

SUSE SLES11 Security Update : ntp (SUSE-SU-2017:0255-1)

This update for ntp fixes the following issues: ntp was updated to 4.2.8p9. Security issues fixed : - CVE-2016-9311, CVE-2016-9310, bsc1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. - CVE-2016-7427, bsc1011390: Broadcast Mode Replay Prevention DoS. - CVE-2016-7428,...

CVE-2016-7433

CVE-2016-7433 affects ntpd (ntp) prior to 4.2.8p9. Root cause: initial sync calculations regression where the root distance did not include peer dispersion. This can cause incorrect timing calculations, with documented potential for denial of service or disruption. Remediation: upgrade ntp to 4.2...

Amazon Linux AMI : ntp (ALAS-2017-781)

The following security-related issues were resolved : CVE-2016-7426 : Client rate limiting and server responses CVE-2016-7429 : Attack on interface selection CVE-2016-7433 : Broken initial sync calculations regression CVE-2016-9310 : Mode 6 unauthenticated trap information disclosure and DDoS...

Medium: ntp

Issue Overview: The following security-related issues were resolved: CVE-2016-7426: Client rate limiting and server responses CVE-2016-7429: Attack on interface selection CVE-2016-7433: Broken initial sync calculations regression CVE-2016-9310: Mode 6 unauthenticated trap information disclosure a...

openSUSE Security Update : ntp (openSUSE-2016-1525)

This update for ntp fixes the following issues : ntp was updated to 4.2.8p9. Security issues fixed : - CVE-2016-9311, CVE-2016-9310, bsc1011377: Mode 6 unauthenticated trap information disclosure and DDoS vector. - CVE-2016-7427, bsc1011390: Broadcast Mode Replay Prevention DoS. - CVE-2016-7428,...

FreeBSD : FreeBSD -- Multiple vulnerabilities of ntp (fcedcdbb-c86e-11e6-b1cf-14dae9d210b8)

Multiple vulnerabilities have been discovered in the NTP suite : CVE-2016-9311: Trap crash, Reported by Matthew Van Gundy of Cisco ASIG. CVE-2016-9310: Mode 6 unauthenticated trap information disclosure and DDoS vector. Reported by Matthew Van Gundy of Cisco ASIG. CVE-2016-7427: Broadcast Mode...