10 matches found
Moderate: Red Hat Security Advisory: ntp security update
An update for ntp is now available for Red Hat Enterprise Linux 6.7 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each...
Scientific Linux Security Update : ntp on SL6.x, SL7.x i386/x86_64 (20160531)
Security Fixes : - It was found that when NTP was configured in broadcast mode, a remote attacker could broadcast packets with bad authentication to all clients. The clients, upon receiving the malformed packets, would break the association with the broadcast server, causing them to become out of...
ntp: distributed denial of service amplification
CVE-2016-4953 distributed denial of service amplification An attacker who knows the origin timestamp and can send a spoofed packet containing a CRYPTO-NAK to an ephemeral peer target before any other response is sent can demobilize that association. Credit to Miroslav Lichvar of Red Hat -...
Moderate: Red Hat Security Advisory: ntp security update
An update for ntp is now available for Red Hat Enterprise Linux 6 and Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...
CentOS 6 : ntp (CESA-2015:1459)
Updated ntp packages that fix multiple security issues, several bugs, and add two enhancements are now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having Moderate security impact. Common Vulnerability Scoring System CVSS base scores, which give...
Debian DSA-3222-1 : chrony - security update
Miroslav Lichvar of Red Hat discovered multiple vulnerabilities in chrony, an alternative NTP client and server : - CVE-2015-1821 Using particular address/subnet pairs when configuring access control would cause an invalid memory write. This could allow attackers to cause a denial of service cras...
DLA-99-1 flac - security update
Bulletin has no description...
Debian DSA-3082-1 : flac - security update
Michele Spagnuolo, of Google Security Team, and Miroslav Lichvar, of Red Hat, discovered two issues in flac, a library handling Free Lossless Audio Codec media: by providing a specially crafted FLAC file, an attacker could execute arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, In...
GLSA-201006-14 : Newt: User-assisted execution of arbitrary code
The remote host is affected by the vulnerability described in GLSA-201006-14 Newt: User-assisted execution of arbitrary code Miroslav Lichvar reported that Newt is prone to a heap-based buffer overflow in textbox.c. Impact : A remote attacker could entice a user to enter a specially crafted strin...
Debian DSA-1894-1 : newt - buffer overflow
Miroslav Lichvar discovered that newt, a windowing toolkit, is prone to a buffer overflow in the content processing code, which can lead to the execution of arbitrary code. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted...