MiracleLinux 3 : ntp-4.2.2p1-9.2.2AXS3 (AXSA:2009-434:03)

The remote MiracleLinux 3 host has a package installed that is affected by a vulnerability as referenced in the AXSA:2009-434:03 advisory. The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. The ntp package contains utilities and daemons that...

PT-2022-6461 · Esr-20 · Esr-20

Name of the Vulnerable Software and Affected Versions: ESR-20 affected versions not specified Description: The issue is related to the lack of protection for service data in the ntpd daemon microcode of the ESR-20 service router. This could allow a remote attacker to gain preliminary information...

Linux: Read /etc/ntp.conf (KB)

The ntpd program is an operating system daemon which sets and maintains the system time of day in synchronism with Internet standard time servers. It is a complete implementation of the Network Time Protocol NTP version 4, but also retains compatibility with version 3, as defined by RFC-1305, and...

[SECURITY] Fedora 28 Update: ntp-4.2.8p13-1.fc28

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts are in the ntp-perl package, ntpdate is in...

[SECURITY] Fedora 30 Update: ntp-4.2.8p13-1.fc30

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts are in the ntp-perl package, ntpdate is in...

The vulnerability of the ctl_getitem method in the ntpd daemon, which is part of the NTP time synchronization protocol, arises from reading data within acceptable buffer limits. This allows a malicious actor to cause a service failure.

The vulnerability of the ctlgetitem method in the ntpd daemon, which implements the NTP synchronization protocol, relates to reading beyond the buffer boundaries in memory. Exploiting this vulnerability could allow a malicious actor to cause service failures by using specially crafted mode 6 Troj...

FreeBSD : FreeBSD -- Multiple ntp vulnerabilities (7cfcea05-600a-11e6-a6c3-14dae9d210b8)

Multiple vulnerabilities have been discovered in the NTP suite : The fix for Sec 3007 in ntp-4.2.8p7 contained a bug that could cause ntpd to crash. CVE-2016-4957, Reported by Nicolas Edet of Cisco An attacker who knows the origin timestamp and can send a spoofed packet containing a CRYPTO-NAK to...

[SECURITY] Fedora 22 Update: ntp-4.2.6p5-41.fc22

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

Important: Red Hat Security Advisory: ntp security update

Updated ntp packages that fix one security issue are now available for Red Hat Enterprise Linux 6.5 and 6.6 Extended Update Support. Red Hat Product Security has rated this update as having Important security impact. A Common Vulnerability Scoring System CVSS base score, which gives a detailed...

Scientific Linux Security Update : ntp on SL6.x, SL7.x i386/x86_64 (20151026)

It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. A remote attacker could use this flaw to send a crafted Kiss-of-Death packet to an ntpd client that would increase the client's polling interval value, and effectively disable synchronization with...

[SECURITY] Fedora 23 Update: ntp-4.2.6p5-33.fc23

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

[SECURITY] Fedora 21 Update: ntp-4.2.6p5-30.fc21

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

[SECURITY] Fedora 20 Update: ntp-4.2.6p5-22.fc20

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

[SECURITY] Fedora 20 Update: ntp-4.2.6p5-20.fc20

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

Oracle Linux 5 : ntp (ELSA-2009-1039)

The remote Oracle Linux 5 host has a package installed that is affected by multiple vulnerabilities as referenced in the ELSA-2009-1039 advisory. - fix buffer overflow when parsing Autokey association message 500783, CVE-2009-1252 Tenable has extracted the preceding description block directly fro...

Scientific Linux Security Update : ntp on SL4.x i386/x86_64

A buffer overflow flaw was discovered in the ntpd daemon's NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use this flaw to send a specially crafted request packet that could crash ntpd or, potentially, execut...

FreeBSD Security Advisory (FreeBSD-SA-10:02.ntpd.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-10:02.ntpd.asc ADV FreeBSD-SA-10:02.ntpd.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-10:02.ntpd.asc Authors: Thomas Reinke Copyright: Copyright c 2010 E-Soft...

RHEL 3 : ntp (RHSA-2009:1651)

An updated ntp package that fixes two security issues is now available for Red Hat Enterprise Linux 3. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Network Time Protocol NTP is used to synchronize a computer's time with a referenced time...

Mandriva Linux Security Advisory : ntp (MDVSA-2009:309)

Multiple vulnerabilities has been found and corrected in ntp : Requesting peer information from a malicious remote time server may lead to an unexpected application termination or arbitrary code execution CVE-2009-0159. A buffer overflow flaw was discovered in the ntpd daemon's NTPv4 authenticati...

[SECURITY] Fedora 11 Update: ntp-4.2.4p7-2.fc11

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...