142 matches found
DEBIAN-CVE-2020-8622
In BIND 9.0.0 - 9.11.21, 9.12.0 - 9.16.5, 9.17.0 - 9.17.3, also affects 9.9.3-S1 - 9.11.21-S1 of the BIND 9 Supported Preview Edition, An attacker on the network path for a TSIG-signed request, or operating the server receiving the TSIG-signed request, could send a truncated response to that...
EulerOS 2.0 SP8 : ntp (EulerOS-SA-2020-1817)
According to the versions of the ntp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet...
Amazon Linux 2 : ntp (ALAS-2020-1455)
The version of ntp installed on the remote host is prior to 4.2.6p5-29. It is, therefore, affected by multiple vulnerabilities as referenced in the ALAS2-2020-1455 advisory. ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service daemon exit or...
Security update for ntp (moderate)
openSUSE Security Update: Security update for ntp Announcement ID: openSUSE-SU-2020:1007-1 Rating: moderate References: 1125401 1169740 1171355 1172651 1173334 992038 Cross-References: CVE-2018-8956 CVE-2020-11868 CVE-2020-13817 CVE-2020-15025 Affected Products: openSUSE Leap 15.2 An update that...
Medium: ntp
Issue Overview: ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service daemon exit or system time change by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be ...
EulerOS 2.0 SP2 : ntp (EulerOS-SA-2020-1684)
According to the version of the ntp packages installed, the EulerOS installation on the remote host is affected by the following vulnerability : - ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet wit...
CVE-2020-13817
A high-performance ntpd instance that gets its time from unauthenticated IPv4 time sources may be vulnerable to an off-path attacker who can query time from the victim's ntpd instance. An attacker who can send a large number of packets with the spoofed IPv4 address of the upstream server can use...
DEBIAN-CVE-2020-13817
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service daemon exit or system time change by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path...
UBUNTU-CVE-2020-13817
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service daemon exit or system time change by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path...
CVE-2020-13817
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service daemon exit or system time change by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path...
Updated ntp packages fix security vulnerability
The updated packages fix security vulnerabilities including: ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packe...
CVE-2020-11868
A flaw was found in the Network Time Protocol NTP, where a security issue exists that allows an off-path attacker to prevent the Network Time Protocol daemon ntpd from synchronizing with NTP servers not using authentication. A server mode packet with a spoofed source address sent to the client nt...
CVE-2020-11868
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp...
DEBIAN-CVE-2020-11868
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp...
Design/Logic Flaw
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp...
CVE-2020-11868
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp...
CVE-2020-11868
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp...
CVE-2020-11868
NTOP vulnerability CVE-2020-11868 affects ntp in ntp (before 4.2.8p14 and 4.3.x before 4.3.100). An off-path attacker can block unauthenticated synchronization by sending a server-mode packet with a spoofed source IP, because transmissions can be rescheduled even when the origin timestamp is inva...
CVE-2020-11868
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp...
CVE-2020-11868
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows an off-path attacker to block unauthenticated synchronization via a server mode packet with a spoofed source IP address, because transmissions are rescheduled even when a packet lacks a valid origin timestamp...