12 matches found
K64505405: NTP vulnerability CVE-2016-4956
Security Advisory Description ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service interleaved-mode transition and time change via a spoofed broadcast packet. NOTE: this vulnerability exists because of an incomplete fix for CVE-2016-1548. CVE-2016-4956 Impact In...
Linux: Read /etc/ntp.conf (KB)
The ntpd program is an operating system daemon which sets and maintains the system time of day in synchronism with Internet standard time servers. It is a complete implementation of the Network Time Protocol NTP version 4, but also retains compatibility with version 3, as defined by RFC-1305, and...
SUSE SLES11 Security Update : ntp (SUSE-SU-2016:1311-1)
This network time protocol server ntp was updated to 4.2.8p6 to fix the following issues : Also yast2-ntp-client was updated to match some sntp syntax changes. bsc937837 Major functional changes : - The 'sntp' commandline tool changed its option handling in a major way. - 'controlkey 1' is added...
Ntpd ntp-4.2.6p5 ctl_putdata() Buffer Overflow
/ Ntpd Based on: ntpq client from ntp package Provided for legal security research and testing purposes ONLY PoC DoS Denial of Service PoC. Will crash NTPd. You will need to know the KEY ID and MD5 password, for example put this in you ntp.conf -------------- /etc/ntp.conf -------------- keys...
openSUSE Security Update : ntp (openSUSE-2015-767)
This ntp update provides the following security and non security fixes : - Update to 4.2.8p4 to fix several security issues bsc951608 : - CVE-2015-7871: NAK to the Future: Symmetric association authentication bypass via crypto-NAK - CVE-2015-7855: decodenetnum will ASSERT botch instead of returni...
openSUSE Security Update : ntp (openSUSE-2014-474)
The NTP time service could be used for remote denial of service amplification attacks. This issue can be fixed by the administrator as we described in our security advisory SUSE-SA:2014:001 http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00005. html and on...
openSUSE Security Update : openSUSE-2014- (openSUSE-2014--1)
The NTP time service could be used for remote denial of service amplification attacks. This issue can be fixed by the administrator as we described in our security advisory SUSE-SA:2014:001 http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00005. html and on...
openSUSE Security Update : openSUSE-2014- (openSUSE-2014--1)
The NTP time service could be used for remote denial of service amplification attacks. This issue can be fixed by the administrator as we described in our security advisory SUSE-SA:2014:001 http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00005. html and on...
SuSE 11.3 Security Update : ntp (SAT Patch Number 9540)
The NTP time service could have been used for remote denial of service amplification attacks. This issue can be fixed by the administrator as we described in our security advisory SUSE-SA:2014:001: http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00005. html and on...
SUSE-SU-2015:0259-3 Security update for ntp
The NTP time service could have been used for remote denial of service amplification attacks. This issue can be fixed by the administrator as we described in our security advisory SUSE-SA:2014:001 http://lists.opensuse.org/opensuse-security-announce/2014-01/msg00005.html and on...
TA14-013A: NTP Amplification Attacks Using CVE-2013-5211
NCCIC / US-CERT National Cyber Awareness System: TA14-013A: NTP Amplification Attacks Using CVE-2013-5211 01/13/2014 05:51 PM EST Original release date: January 13, 2014 | Last revised: January 14, 2014 Systems Affected NTP servers Overview A Network Time Protocol NTP Amplification attack is an...
buffer overflow fix for NTP
The version of xntp3 that shipped with Slackware 7.1 as well as the version that was in Slackware -current contains a buffer overflow bug that could lead to a root compromise. Slackware 7.1 and Slackware -current users are urged to upgrade to the new packages available for their release. The...