8 matches found
CVE-2023-21130
In btmbleperiodicadvsynclost of btmblegap.cc, there is a possible remote code execution due to a buffer overflow. This could lead to remote code execution with no additional execution privileges needed. User interaction is not needed for exploitation.Product: AndroidVersions: Android-13Android ID...
SUSE CVE-2015-1799
The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service synchronization loss by spoofing the...
F5 Networks BIG-IP : NTP vulnerability (K16506)
The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service synchronization loss by spoofing the...
Updated ntp packages fix security vulnerabilities
Updated ntp packages fix security vulnerabilities: The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting th...
CVE-2015-1799
The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service synchronization loss by spoofing the...
Design/Logic Flaw
The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service synchronization loss by spoofing the...
CVE-2015-1799
The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service synchronization loss by spoofing the...
CVE-2015-1799
The symmetric-key feature in the receive function in ntpproto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service synchronization loss by spoofing the...