Linux Distros Unpatched Vulnerability : CVE-2016-7429

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NTP before 4.2.8p9 changes the peer structure to the interface it receives the response from a source, which allows remote attackers to cause a denial of servic...

Linux Distros Unpatched Vulnerability : CVE-2015-7973

The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the...

Meinberg NTP Permissions, Privileges, and Access Controls (CVE-2016-3989)

The NTP time-server interface on Meinberg IMS-LANTIME M3000, IMS- LANTIME M1000, IMS-LANTIME M500, LANTIME M900, LANTIME M600, LANTIME M400, LANTIME M300, LANTIME M200, LANTIME M100, SyncFire 1100, and LCES devices with firmware before 6.20.004 allows remote authenticated users to obtain root...

OPENSUSE-SU-2024:11102-1 ntp-4.2.8p15-7.2 on GA media

These are all security issues fixed in the ntp-4.2.8p15-7.2 package on the GA media of openSUSE Tumbleweed...

SUSE CVE-2019-6445

An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntpcontrol.c, related to ctlgetitem...

SUSE CVE-2019-6444

An issue was discovered in NTPsec before 1.1.3. processcontrol in ntpcontrol.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl in ntpd...

EUVD-2016-10120

The control mode mode 6 functionality in ntpd in NTP before 4.2.8p9 allows remote attackers to set or unset traps via a crafted control mode packet...

NICER Protocol Deep Dive: Internet Exposure of NTP

Welcome to the NICER Protocol Deep Dive blog series! When we started researching what all was out on the internet way back in January, we had no idea we'd end up with a hefty, 137-page tome of a research report. The sheer length of such a thing might put off folks who might otherwise learn a thin...

OPENSUSE-SU-2020:1007-1 Security update for ntp

This update for ntp fixes the following issues: ntp was updated to 4.2.8p15 - CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address frequently send to the client ntpd could have caused denial of service bsc1169740. - CVE-2018-8956: Fixed an issue which could have...

OPENSUSE-SU-2020:0934-1 Security update for ntp

This update for ntp fixes the following issues: ntp was updated to 4.2.8p15 - CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address frequently send to the client ntpd could have caused denial of service bsc1169740. - CVE-2018-8956: Fixed an issue which could have...

SUSE-SU-2020:1805-1 Security update for ntp

This update for ntp fixes the following issues: ntp was updated to 4.2.8p15 - CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address frequently send to the client ntpd could have caused denial of service bsc1169740. - CVE-2018-8956: Fixed an issue which could have...

CVE-2019-8936

NTP through 4.2.8p12 has a NULL Pointer Dereference...

OPENSUSE-SU-2019:1143-1 Security update for ntp

This update for ntp fixes the following issues: Security issue fixed: - CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd bsc1128525. Other issues addressed: - Fixed several bugs in the BANCOMM reclock driver. - Fixed...

SUSE-SU-2019:14004-1 Security update for ntp

This update for ntp fixes the following issues: Security issue fixed: - CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd bsc1128525. Other issues addressed: - Make sure that SLE12 version is higher than the one in SLE11...

SUSE-SU-2019:0789-1 Security update for ntp

This update for ntp fixes the following issues: Security issue fixed: - CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd bsc1128525. Other isses addressed: - Fixed an issue which caused openSSL mismatch bsc1125401 - Fixed...

SUSE-SU-2019:0775-1 Security update for ntp

This update for ntp fixes the following issues: Security issue fixed: - CVE-2019-8936: Fixed a null pointer exception which could allow an authenticated attcker to cause segmentation fault to ntpd bsc1128525. Other issues addressed: - Fixed several bugs in the BANCOMM reclock driver. - Fixed...

Low: Red Hat Security Advisory: ntp security update

An update for ntp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Low. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CVE lin...

SUSE-SU-2018:3356-1 Security update for ntp

NTP was updated to 4.2.8p12 bsc1111853: - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...

SUSE-SU-2018:3342-1 Security update for ntp

NTP was updated to 4.2.8p12 bsc1111853: - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...

SUSE-SU-2018:1765-2 Security update for ntp

This update for ntp fixes the following issues: - Update to 4.2.8p11 bsc1082210: CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. CVE-2018-7182: ctlgetitem: buffer read overrun...