2 matches found
MGASA-2016-0174 Updated ntp packages fix security vulnerabilities
Updated ntp packages fix security vulnerabilities: It is possible to change the time of an ntpd client or deny service to an ntpd client by forcing it to change from basic client/server mode to interleaved symmetric mode. An attacker can spoof a packet from a legitimate ntpd server with an origin...
MGASA-2014-0541 Updated ntp packages fix security vulnerabilities
Updated ntp packages fix security vulnerabilities: If no authentication key is defined in the ntp.conf file, a cryptographically-weak default key is generated CVE-2014-9293. ntp-keygen before 4.2.7p230 uses a non-cryptographic random number generator with a weak seed to generate symmetric keys...