FreeBSD : ntp -- multiple vulnerabilities (af485ef4-1c58-11e8-8477-d05099c0ae8c)

Network Time Foundation reports : The NTP Project at Network Time Foundation is releasing ntp-4.2.8p11. This release addresses five security issues in ntpd : - LOW/MEDIUM: Sec 3012 / CVE-2016-1549 / VU961909: Sybil vulnerability: ephemeral association attack - INFO/MEDIUM: Sec 3412 / CVE-2018-718...

RedHat Update for ntp RHSA-2017:3071-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Vulnerabilities Identified in Network Time Protocol Daemon (ntpd)

The Network Time Foundation's NTP Project has has released version ntp-4.2.8p10 to address multiple vulnerabilities in ntpd. Exploitation of some of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. US-CERT encourages users and administrators to review the...

Vulnerabilities Identified in Network Time Protocol Daemon (ntpd)

The Network Time Foundation's NTP Project has released version ntp-4.2.8p9 to address multiple vulnerabilities in ntpd. Exploitation of some of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. US-CERT encourages users and administrators to review...

Vulnerabilities Identified in Network Time Protocol Daemon (ntpd)

The Network Time Foundation's NTP Project has released version ntp-4.2.8p8 to address multiple vulnerabilities in ntpd. Exploitation of one of these vulnerabilities may allow a remote attacker to cause a denial-of-service condition. Users and administrators are encouraged to review Vulnerability...

FreeBSD : ntp -- multiple vulnerabilities (b2487d9a-0c30-11e6-acd0-d050996490d0)

Network Time Foundation reports : NTF's NTP Project has been notified of the following low- and medium-severity vulnerabilities that are fixed in ntp-4.2.8p7, released on Tuesday, 26 April 2016 : - Bug 3020 / CVE-2016-1551: Refclock impersonation vulnerability, AKA: refclock-peering. Reported by...

ntp -- multiple vulnerabilities

Network Time Foundation reports: NTF's NTP Project has been notified of the following low- and medium-severity vulnerabilities that are fixed in ntp-4.2.8p7, released on Tuesday, 26 April 2016: Bug 3020 / CVE-2016-1551: Refclock impersonation vulnerability, AKA: refclock-peering. Reported by Matt...

ntp -- multiple vulnerabilities

Network Time Foundation reports: NTF's NTP Project has been notified of the following low- and medium-severity vulnerabilities that are fixed in ntp-4.2.8p6, released on Tuesday, 19 January 2016: Bug 2948 / CVE-2015-8158: Potential Infinite Loop in ntpq. Reported by Cisco ASIG. Bug 2945 /...

Vulnerabilities Identified in Network Time Protocol Daemon (ntpd)

The Network Time Foundation's NTP Project has released an update addressing multiple vulnerabilities in ntpd. Exploitation of some of these vulnerabilities may allow an attacker to cause a denial-of-service DoS condition. Users and administrators are encouraged to review the NTP Security Notice...

ntp -- denial of service vulnerability

Network Time Foundation reports: NTF's NTP Project has been notified of the following 1 medium-severity vulnerability that is fixed in ntp-4.2.8p5, released on Thursday, 7 January 2016: NtpBug2956: Small-step/Big-step CVE-2015-5300...

ntp -- 13 low- and medium-severity vulnerabilities

ntp.org reports: NTF's NTP Project has been notified of the following 13 low- and medium-severity vulnerabilities that are fixed in ntp-4.2.8p4, released on Wednesday, 21 October 2015: Bug 2941 CVE-2015-7871 NAK to the Future: Symmetric association authentication bypass via crypto-NAK Cisco ASIG...

Vulnerabilities Identified in Network Time Protocol Daemon (ntpd)

The Network Time Foundation's NTP Project has released an update addressing multiple vulnerabilities in ntpd. Exploitation of these vulnerabilities may allow an attacker to conduct a man-in-the-middle attack or cause a denial of service condition. Users and administrators are encouraged to review...

NTP Project ntpd reference implementation contains multiple vulnerabilities

Overview NTP Project ntpd reference implementation accepts unauthenticated packets with symmetric key cryptography and does not protect symmetric associations against denial of service attacks. Description CVE-2015-1798, bug 2779:In NTP4 installations utilizing symmetric key authentication,...

NTP Project Network Time Protocol daemon (ntpd) contains multiple vulnerabilities (Updated)

Overview The NTP Project ntpd version 4.2.7 and pervious versions contain several vulnerabilities. ntp-keygen prior to version 4.2.7p230 also uses a non-cryptographic random number generator when generating symmetric keys. These vulnerabilities may affect ntpd acting as a server or client...