46 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-7170
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral...
RHEL 7 : ntp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ntp: Using port 123 for modes where a fixed port number is not required facilitates off-path attacks...
RHEL 8 : ntp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ntp: decodearr can write beyond its buffer limit CVE-2018-7183 - ntpd in ntp 4.2.x before 4.2.8p7 and 4.3...
RHEL 6 : ntp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ntp: Using port 123 for modes where a fixed port number is not required facilitates off-path attacks...
F5 Networks BIG-IP : NTP vulnerability (K82570157)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K82570157 advisory. - ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric k...
K82570157: NTP vulnerability CVE-2018-7170
Security Advisory Description ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This...
SUSE: Security Advisory (SUSE-SU-2018:3352-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:3386-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:0956-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
openSUSE Security Update : ntp (openSUSE-2019-856)
NTP was updated to 4.2.8p12 bsc1111853 : - CVE-2018-12327: Fixed stack-based buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also...
Fedora 28 : ntp (2018-e585e25b72)
Security fix for CVE-2018-12327 and fixed fix for CVE-2018-7170. Note that Tenable Network Security has extracted the preceding description block directly from the Fedora update system website. Tenable has attempted to automatically clean and format it as much as possible without introducing...
SUSE SLES15 Security Update : ntp (SUSE-SU-2018:3386-1)
NTP was updated to 4.2.8p12 bsc1111853 : CVE-2018-12327: Fixed stack-based buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...
There are vulnerabilities in NTPv4 that affect AIX.
IBM SECURITY ADVISORY First Issued: Fri Dec 14 12:20:13 CST 2018 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/ntpadvisory11.asc https://aix.software.ibm.com/aix/efixes/security/ntpadvisory11.asc...
openSUSE: Security Advisory for ntp (openSUSE-SU-2018:3452-1)
The remote host is missing an update for the Copyright C 2018 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...
openSUSE Security Update : ntp (openSUSE-2018-1280)
This update for NTP to version 4.2.8p12 fixes the following vulnerabilities bsc1111853 : - CVE-2018-12327: Fixed stack-based buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofi...
openSUSE Security Update : ntp (openSUSE-2018-1275)
NTP was updated to 4.2.8p12 bsc1111853 : - CVE-2018-12327: Fixed stack-based buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also...
Security update for ntp (moderate)
NTP was updated to 4.2.8p12 bsc1111853: - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...
SUSE-SU-2018:3386-1 Security update for ntp
NTP was updated to 4.2.8p12 bsc1111853: - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...
SUSE SLES11 Security Update : ntp (SUSE-SU-2018:3356-1)
NTP was updated to 4.2.8p12 bsc1111853 : CVE-2018-12327: Fixed stack-based buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...
SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2018:3342-1)
NTP was updated to 4.2.8p12 bsc1111853 : CVE-2018-12327: Fixed stack-based buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...