9 matches found
Linux Distros Unpatched Vulnerability : CVE-2014-9750
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntpcrypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentication is enabled, allows remote attackers to obtain sensitive information from process memo...
Solaris 10 (x86) : 143726-11
SunOS 5.10x86: SunFreeware ntp patch. Date this patch was last updated by Sun : Oct/16/17 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if descripti...
Solaris 10 (sparc) : 143725-01
SunOS 5.10: SunFreeware ntp patch. Date this patch was last updated by Sun : Feb/26/10 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
Solaris 10 (sparc) : 143725-09
SunOS 5.10: SunFreeware ntp patch. Date this patch was last updated by Sun : Oct/17/16 %NASLMINLEVEL 70300 C Tenable Network Security, Inc. The descriptive text in this plugin was extracted from the Oracle SunOS Patch Updates. include'deprecatednasllevel.inc'; include'compat.inc'; if description...
NTP DoS Exploit Released — Update Your Servers to Patch 10 Flaws
A proof-of-concept PoC exploit for a critical vulnerability in the Network Time Protocol daemon ntpd has been publically released that could allow anyone to crash a server with just a single maliciously crafted packet. The vulnerability has been patched by the Network Time Foundation with the...
openSUSE Security Update : ntp (openSUSE-2016-578)
ntp was updated to version 4.2.8p6 to fix 12 security issues. Also yast2-ntp-client was updated to match some sntp syntax changes. bsc937837 These security issues were fixed : - CVE-2015-8158: Fixed potential infinite loop in ntpq bsc962966. - CVE-2015-8138: Zero Origin Timestamp Bypass bsc963002...
Scientific Linux Security Update : ntp on SL6.x, SL7.x i386/x86_64 (20151026)
It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. A remote attacker could use this flaw to send a crafted Kiss-of-Death packet to an ntpd client that would increase the client's polling interval value, and effectively disable synchronization with...
AIX 7.1 TL 2 : ntp (IV68429)
CVE-2014-9293 If no authentication key is defined in the ntp.conf file, a cryptographically-weak default key is generated. CVE-2014-9294 ntp-keygen before 4.2.7p230 uses a non-cryptographic random number generator with a weak seed to generate symmetric keys. CVE-2014-9295 A remote unauthenticated...
Solaris 10 (x86) : 143728-06 (deprecated)
SunOS 5.10x86: SunFreeware ntp source patch. Date this patch was last updated by Sun : Mar/03/16 This plugin has been deprecated and either replaced with individual 143728 patch-revision plugins, or deemed non-security related. %NASLMINLEVEL 70300 C Tenable Network Security, Inc. @DEPRECATED@...