27 matches found
Linux Distros Unpatched Vulnerability : CVE-2018-7183
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query...
RHEL 8 : ntp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 8 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ntp: decodearr can write beyond its buffer limit CVE-2018-7183 - ntpd in ntp 4.2.x before 4.2.8p7 and 4.3...
Security Bulletin: IBM Flex System Chassis Management Module (CMM) is affected by vulnerabilities in NTP
Summary IBM Flex System Chassis Management Module CMM has addressed the following vulnerabilities in NTP. Vulnerability Details CVEID: CVE-2018-7185 DESCRIPTION: NTP is vulnerable to a denial of service. By sending specially crafted packets, a remote authenticated attacker could exploit this...
K51743312: NTP vulnerability CVE-2018-7183
Security Advisory Description Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array. CVE-2018-7183 Impact There is no impact; F5 products are not...
SUSE CVE-2018-7183
Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array...
SUSE: Security Advisory (SUSE-SU-2018:0956-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2020-1210)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
Symantec Content Analysis < 2.3.5.1 affected by Multiple Vulnerabilities (SYMSA1451)
The version of Symantec Content Analysis running on the remote host is prior to version 2.3.5.1. It is, therefore, affected by multiple vulnerabilities: - Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by...
Network Time Protocol ntpq decodearr Stack-based Buffer Overflow (CVE-2018-7183)
A buffer overflow vulnerability has been discovered in the monitoring and control program ntpq of Network Time Protocol daemon. A successful attack would result in arbitrary code execution in the security context of the user...
SUSE SLES12 Security Update : ntp (SUSE-SU-2018:1765-2)
This update for ntp fixes the following issues : Update to 4.2.8p11 bsc1082210 : - CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. - CVE-2018-7182: ctlgetitem: buffer read overru...
Vulnerabilities in NTP affect AIX,Vulnerabilities in NTP affect VIOS
IBM SECURITY ADVISORY First Issued: Tue Aug 14 14:48:57 CDT 2018 The most recent version of this document is available here: http://aix.software.ibm.com/aix/efixes/security/ntpadvisory10.asc https://aix.software.ibm.com/aix/efixes/security/ntpadvisory10.asc...
USN-3707-1: NTP vulnerabilities
Yihan Lian discovered that NTP incorrectly handled certain malformed mode 6 packets. A remote attacker could possibly use this issue to cause ntpd to crash, resulting in a denial of service. This issue only affected Ubuntu 17.10 and Ubuntu 18.04 LTS. CVE-2018-7182 Michael Macnair discovered that...
SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2018:1765-1)
This update for ntp fixes the following issues : - Update to 4.2.8p11 bsc1082210 : - CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. - CVE-2018-7182: ctlgetitem: buffer read...
SUSE SLES12 Security Update : ntp (SUSE-SU-2018:1464-1)
This update for ntp fixes the following issues : - Update to 4.2.8p11 bsc1082210 : - CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. - CVE-2018-7182: ctlgetitem: buffer read...
GLSA-201805-12 : NTP: Multiple vulnerabilities
The remote host is affected by the vulnerability described in GLSA-201805-12 NTP: Multiple vulnerabilities Multiple vulnerabilities have been discovered in NTP. Please review the CVE identifiers referenced below for details. Impact : A remote attacker could possibly execute arbitrary code or caus...
Medium: ntp
Issue Overview: The monlist feature in ntprequest.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service traffic amplification via forged 1 REQMONGETLIST or 2 REQMONGETLIST1 requests, as exploited in the wild in December 2013. CVE-2013-5211 A malicious authenticated...
openSUSE Security Update : ntp (openSUSE-2018-376)
This update for ntp fixes the following issues : - Update to 4.2.8p11 bsc1082210 : - CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. - CVE-2018-7182: ctlgetitem: buffer read...
SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2018:0956-1)
This update for ntp fixes the following issues : - Update to 4.2.8p11 bsc1082210 : - CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. - CVE-2018-7182: ctlgetitem: buffer read...
Fedora Update for ntp FEDORA-2018-de113aeac6
The remote host is missing an update for the SPDX-FileCopyrightText: 2018 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE SLES11 Security Update : ntp (SUSE-SU-2018:0808-1)
This update for ntp fixes the following issues: Security issues fixed : - CVE-2016-1549: Significant additional protections against CVE-2016-1549 that was fixed in ntp-4.2.8p7 bsc1082210. - CVE-2018-7170: Ephemeral association time spoofing additional protection bsc1083424. - CVE-2018-7182: Buffe...