20 matches found
EUVD-2023-53905
Malicious code in bioql PyPI...
SUSE CVE-2023-4012
ntpd will crash if the server is not NTS-enabled no certificate and it receives an NTS-enabled client request mode 3...
[SECURITY] [DSA 5466-1] ntpsec security update
------------------------------------------------------------------------- Debian Security Advisory DSA-5466-1 [email protected] https://www.debian.org/security/ Salvatore Bonaccorso August 04, 2023 https://www.debian.org/security/faq -...
SUSE CVE-2019-6445
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntpcontrol.c, related to ctlgetitem...
EulerOS Virtualization for ARM 64 3.0.2.0 : ntp (EulerOS-SA-2019-1938)
According to the versions of the ntp packages installed, the EulerOS Virtualization for ARM 64 installation on the remote host is affected by the following vulnerabilities : - The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package...
CVE-2019-6445
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntpcontrol.c, related to ctlgetitem...
Null pointer dereference
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntpcontrol.c, related to ctlgetitem...
CVE-2019-6445
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntpcontrol.c, related to ctlgetitem...
CVE-2019-6445
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntpcontrol.c, related to ctlgetitem...
CVE-2019-6445
Summary: CVE-2019-6445 affects NTPsec prior to 1.1.3. An authenticated attacker can trigger a NULL pointer dereference in ntp_control.c (ctl_getitem), causing ntpd to crash. The issue is confirmed in multiple advisories and vendor/plugin postings tied to the 1.1.3 release. Affected component: ntp...
CVE-2019-6445
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntpcontrol.c, related to ctlgetitem...
CVE-2019-6445
An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntpcontrol.c, related to ctlgetitem...
ntp: Buffer Overflow in DPTS Clock
A vulnerability was found in NTP, in the parsing of packets from the /dev/datum device. A malicious device could send crafted messages, causing ntpd to crash...
CVE-2015-5194
The logconfigcommand function in ntpparser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service ntpd crash via crafted logconfig commands...
CVE-2015-5194
The logconfigcommand function in ntpparser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service ntpd crash via crafted logconfig commands...
CVE-2017-6464
CVE-2017-6464: NTP denial of service via a malformed mode configuration directive. A remote authenticated attacker could crash ntpd. Affected are ntp in ntp 4.2.x prior to 4.2.8p10 and 4.3.x prior to 4.3.94. Connected advisories/entries confirm fixes and updates to remediate, e.g., Red Hat/CentOS...
ntp: incomplete checks in ntp_crypto.c
It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntpcrypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker could use a specially...
NTP Incomplete Fix Denial of Service Vulnerability
NTP Network Time Protocol is a network protocol that synchronizes the clocks of two computers by exchanging packets. A security vulnerability exists in NTP versions prior to 4.2.8p4 and 4.3.x prior to 4.3.77. due to the program failing to properly check packet length. An attacker could exploit th...
F5 Networks BIG-IP : NTP vulnerability (SOL16392)
The vallen packet value is not validated in several code paths in ntpcrypto.c which can lead to information leakage or a possible crash of ntpd. C Tenable Network Security, Inc. The descriptive text and package checks in this plugin were extracted from F5 Networks BIG-IP Solution SOL16392. The te...
Updated ntp packages fix security vulnerabilities
Updated ntp packages fix security vulnerability: A flaw was found in the way ntpd processed certain remote configuration packets. An attacker could use a specially crafted package to cause ntpd to crash if the attacker had authenticated access to remote ntpd configuration CVE-2015-5146. It was...