Lucene search
K

8 matches found

OSV
OSV
added 2019/04/27 2:7 p.m.5 views

SUSE-SU-2018:3342-2 Security update for ntp

NTP was updated to 4.2.8p12 bsc1111853: - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...

9.8CVSS8.2AI score0.29037EPSS
Exploits5References6
Tenable Nessus
Tenable Nessus
added 2018/10/26 12:0 a.m.34 views

openSUSE Security Update : ntp (openSUSE-2018-1280)

This update for NTP to version 4.2.8p12 fixes the following vulnerabilities bsc1111853 : - CVE-2018-12327: Fixed stack-based buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofi...

9.8CVSS7.3AI score0.29037EPSS
Exploits5References6
OPENSUSE Linux
OPENSUSE Linux
added 2018/10/25 6:21 p.m.432 views

Security update for ntp (moderate)

NTP was updated to 4.2.8p12 bsc1111853: - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...

7.5CVSS0.3AI score0.29037EPSS
Exploits5References3
Tenable Nessus
Tenable Nessus
added 2018/10/24 12:0 a.m.42 views

SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2018:3342-1)

NTP was updated to 4.2.8p12 bsc1111853 : CVE-2018-12327: Fixed stack-based buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...

9.8CVSS7.3AI score0.29037EPSS
Exploits5References9
Amazon
Amazon
added 2018/05/10 12:0 a.m.63 views

Medium: ntp

Issue Overview: Ephemeral association time spoofing additional protection ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modif...

9.8CVSS7.9AI score0.2985EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2018/02/28 12:0 a.m.58 views

FreeBSD : ntp -- multiple vulnerabilities (af485ef4-1c58-11e8-8477-d05099c0ae8c)

Network Time Foundation reports : The NTP Project at Network Time Foundation is releasing ntp-4.2.8p11. This release addresses five security issues in ntpd : - LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU961909: Sybil vulnerability: ephemeral association attack - INFO/MEDIUM: Sec 3412 / CVE-2018-718...

9.8CVSS7AI score0.2985EPSS
Exploits6References8
seebug.org
seebug.org
added 2017/10/26 12:0 a.m.103 views

Network Time Protocol Ephemeral Association Time Spoofing Vulnerability(CVE-2016-1549)

SUMMARY ntpd is vulnerable to Sybil attacks. A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win ntpd's clock selection algorithm and modify a victim's clock. TESTED VERSIONS NTP 4.2.8p3 NTP 4.2.8p4 NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 NTPs...

4CVSS8.1AI score0.03147EPSS
Exploits1
Debian CVE
Debian CVE
added 2016/07/05 1:0 a.m.37 views

CVE-2016-4953

ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service ephemeral-association demobilization by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time...

7.5CVSS6.7AI score0.17245EPSS
Exploits0
Rows per page
Query Builder