17 matches found
EUVD-2016-2644
Malware in sbrugna...
F5 Networks BIG-IP : NTP vulnerability (K82570157)
The version of F5 Networks BIG-IP installed on the remote host is prior to tested version. It is, therefore, affected by a vulnerability as referenced in the K82570157 advisory. - ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric k...
K82570157: NTP vulnerability CVE-2018-7170
Security Advisory Description ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This...
SUSE CVE-2016-1549
A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock...
Amazon Linux AMI : ntp (ALAS-2018-1083)
ntpd in ntp 4.2.x before 4.2.8p7 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an incomplete fix for...
PT-2018-3864
Name of the Vulnerable Software and Affected Versions NTP version 4.2.8p11 Eltex ESR-200 affected versions not specified NTP affected versions not specified Description The issue is related to the implementation of the NTP protocol, which can lead to security restrictions being bypassed. An...
NTP nptd Unauthorized Modification Vulnerability
NTP Network Time Protocol is a network protocol that synchronizes the clocks of two computers by exchanging packets. ntpd is an operating system daemon. A security vulnerability exists in nptd in versions 4.2.x prior to NTP 4.2.8p7 and 4.3.x prior to 4.3.92. An attacker can exploit this...
CVE-2018-7170
ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an...
CVE-2018-7170
ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an...
CVE-2018-7170
ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clock via a Sybil attack. This issue exists because of an...
FreeBSD : ntp -- multiple vulnerabilities (af485ef4-1c58-11e8-8477-d05099c0ae8c)
Network Time Foundation reports : The NTP Project at Network Time Foundation is releasing ntp-4.2.8p11. This release addresses five security issues in ntpd : - LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU961909: Sybil vulnerability: ephemeral association attack - INFO/MEDIUM: Sec 3412 / CVE-2018-718...
ntp -- multiple vulnerabilities
Network Time Foundation reports: The NTP Project at Network Time Foundation is releasing ntp-4.2.8p11. This release addresses five security issues in ntpd: LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU961909: Sybil vulnerability: ephemeral association attack INFO/MEDIUM: Sec 3412 / CVE-2018-7182 /...
DEBIAN-CVE-2016-1549
A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock...
UBUNTU-CVE-2016-1549
A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock...
CVE-2016-1549
A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win the clock selection algorithm in ntpd in NTP 4.2.8p4 and earlier and NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 and a5fb34b9cc89b92a8fef2f459004865c93bb7f92 and modify a victim's clock...
PT-2016-3321 · Ntp +5 · Ntpd +7
Name of the Vulnerable Software and Affected Versions: ntpd versions prior to 4.2.8p4 NTPsec versions prior to a5fb34b9cc89b92a8fef2f459004865c93bb7f92 Description: A malicious authenticated peer can exploit an issue in the clock selection algorithm to modify a victim's clock. The issue is relate...
Network Time Protocol Ephemeral Association Time Spoofing Vulnerability
SUMMARY ntpd is vulnerable to Sybil attacks. A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win ntpd’s clock selection algorithm and modify a victim’s clock. TESTED VERSIONS NTP 4.2.8p3 NTP 4.2.8p4 NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 NTPs...