6 matches found
Linux Distros Unpatched Vulnerability : CVE-2019-11331
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - Network Time Protocol NTP, as specified in RFC 5905, uses port 123 even for modes where a fixed port number is not required, which makes it easier for remote...
RHEL 7 : ntp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 7 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ntp: Using port 123 for modes where a fixed port number is not required facilitates off-path attacks...
RHEL 6 : ntp (Unpatched Vulnerability)
The remote Redhat Enterprise Linux 6 host has one or more packages installed that are affected by multiple vulnerabilities that have been acknowledged by the vendor but will not be patched. - ntp: Using port 123 for modes where a fixed port number is not required facilitates off-path attacks...
F5 Networks BIG-IP : NTP vulnerability (K09940637)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K09940637 advisory. Network Time Protocol NTP, as specified in RFC 5905, uses port 123 even for modes where a fixed port number is not...
K09940637: NTP vulnerability CVE-2019-11331
Security Advisory Description Network Time Protocol NTP, as specified in RFC 5905, uses port 123 even for modes where a fixed port number is not required, which makes it easier for remote attackers to conduct off-path attacks. CVE-2019-11331 Impact Using an off-path attack not a man-in-the-middle...
CVE-2019-11331
CVE-2019-11331 concerns Network Time Protocol (NTP) implementations that use port 123 even when a fixed port isn’t required (per RFC 5905). The provided documents confirm an off‑path attack possibility due to port usage, describing it as enabling remote actors to conduct off‑path attacks against ...