OracleVM 3.3 / 3.4 : ntp (OVMSA-2018-0290)

The remote OracleVM system is missing necessary patches to address critical security updates : - add disable monitor to default ntp.conf CVE-2013-5211 - fix buffer overflow in parsing of address in ntpq and ntpdc CVE-2018-12327 - fix CVE-2016-7429 patch to work correctly on multicast client 14229...

ntp security update

4.2.6p5-15.0.1 - add disable monitor to default ntp.conf CVE-2013-5211 4.2.6p5-15 - fix buffer overflow in parsing of address in ntpq and ntpdc CVE-2018-12327 4.2.6p5-14 - fix CVE-2016-7429 patch to work correctly on multicast client 1422973 4.2.6p5-13 - fix buffer overflow in datum refclock driv...

OracleVM 3.3 / 3.4 : ntp (OVMSA-2017-0165)

The remote OracleVM system is missing necessary patches to address critical security updates : - add disable monitor to default ntp.conf CVE-2013-5211 - fix buffer overflow in datum refclock driver CVE-2017-6462 - fix crash with invalid unpeer command CVE-2017-6463 - fix potential crash with...

ntp security update

4.2.6p5-12.0.1.el69.1 - add disable monitor to default ntp.conf CVE-2013-5211 4.2.6p5-12.el69.1 - fix buffer overflow in datum refclock driver CVE-2017-6462 - fix crash with invalid unpeer command CVE-2017-6463 - fix potential crash with invalid server command CVE-2017-6464 4.2.6p5-12 - don't lim...

ntp security update

4.2.6p5-22.0.1.el72.2 - add disable monitor to default ntp.conf CVE-2013-5211...

ntpd DRDoS / Amplification Attack using ntpdc monlist command

ntp.org reports: Unrestricted access to the monlist feature in ntprequest.c in ntpd in NTP before 4.2.7p26 allows remote attackers to cause a denial of service traffic amplification via forged 1 REQMONGETLIST or 2 REQMONGETLIST1 requests, as exploited in the wild in December 2013 Use noquery to...