Lucene search
K

1468 matches found

Cent OS
Cent OS
added 2009/05/21 2:43 p.m.88 views

ntp security update

CentOS Errata and Security Advisory CESA-2009:1040 An updated ntp package that fixes two security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Network Time Protocol NTP is used to...

6.8CVSS7.2AI score0.21123EPSS
Exploits2References8
OSV
OSV
added 2009/05/19 12:0 a.m.31 views

DSA-1801-1 ntp - several vulnerabilities

Bulletin has no description...

6.8CVSS7.7AI score0.21123EPSS
Exploits2
RedHat Linux
RedHat Linux
added 2009/05/18 8:51 p.m.4 views

ntp: remote arbitrary code execution vulnerability if autokeys is enabled

Stack-based buffer overflow in the cryptorecv function in ntpcrypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field...

6.8CVSS7.2AI score0.21123EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2009/05/18 8:51 p.m.36 views

Critical: Red Hat Security Advisory: ntp security update

An updated ntp package that fixes two security issues is now available for Red Hat Enterprise Linux 4. This update has been rated as having critical security impact by the Red Hat Security Response Team. The Network Time Protocol NTP is used to synchronize a computer's time with a referenced time...

6.8CVSS7.2AI score0.21123EPSS
Exploits2References3
RedHat Linux
RedHat Linux
added 2009/05/18 8:33 p.m.5 views

ntp: remote arbitrary code execution vulnerability if autokeys is enabled

Stack-based buffer overflow in the cryptorecv function in ntpcrypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field...

6.8CVSS7.2AI score0.21123EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2009/05/18 8:33 p.m.5 views

ntp: buffer overflow in ntpq

Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response...

6.8CVSS7.2AI score0.13228EPSS
Exploits1References4
RedHat Linux
RedHat Linux
added 2009/05/18 8:33 p.m.40 views

Important: Red Hat Security Advisory: ntp security update

An updated ntp package that fixes two security issues is now available for Red Hat Enterprise Linux 5. This update has been rated as having important security impact by the Red Hat Security Response Team. The Network Time Protocol NTP is used to synchronize a computer's time with a referenced tim...

6.8CVSS6.8AI score0.21123EPSS
Exploits2References3
CERT
CERT
added 2009/05/18 12:0 a.m.143 views

ntpd autokey stack buffer overflow

Overview ntpd contains a stack buffer overflow, which may allow a remote, unauthenticated attacker to execute arbitrary code on a vulnerable system or create a denial of service. Description NTP Network Time Protocol is a method by which client machines can synchronize the local date and time wit...

6.8CVSS8.3AI score0.21123EPSS
Exploits1References5
OSV
OSV
added 2009/04/14 3:30 p.m.2 views

DEBIAN-CVE-2009-0159

Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response...

6.8CVSS8.3AI score0.13228EPSS
Exploits1References1
seebug.org
seebug.org
added 2009/04/13 12:0 a.m.82 views

NTP ntpq命令远程栈溢出溢出漏洞

BUGTRAQ ID: 34481 CVECAN ID: CVE-2009-0159 NTP(Network Time Protocol)是用于通过网络同步计算机时钟的协议。 ntpq程序中存在栈溢出漏洞。如果用户使用ntpq命令从远程时间服务器请求了对等端信息且服务器返回了恶意响应的话,就可能触发这个溢出。由于溢出仅限于两个字节,因此最可能的结果是拒绝服务。 University of Delaware NTP 4.2.4 厂商补丁: University of Delaware ----------------------...

6.8CVSS0.9AI score0.13228EPSS
Exploits1
OpenVAS
OpenVAS
added 2009/02/02 12:0 a.m.14 views

RedHat Security Advisory RHSA-2009:0046

The remote host is missing updates announced in advisory RHSA-2009:0046. The Network Time Protocol NTP is used to synchronize a computer SPDX-FileCopyrightText: 2009 E-Soft Inc. Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holder...

5CVSS7.5AI score0.03218EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2009/01/29 9:45 a.m.30 views

Moderate: Red Hat Security Advisory: ntp security update

Updated ntp packages to correct a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Network Time Protocol NTP is used to synchronize a computer's time with a referenced ti...

5CVSS6.5AI score0.03218EPSS
Exploits0References2
RedHat Linux
RedHat Linux
added 2009/01/29 9:45 a.m.4 views

ntp incorrectly checks for malformed signatures

NTP 4.2.4 before 4.2.4p5 and 4.2.5 before 4.2.5p150 does not properly check the return value from the OpenSSL EVPVerifyFinal function, which allows remote attackers to bypass validation of the certificate chain via a malformed SSL/TLS signature for DSA and ECDSA keys, a similar vulnerability to...

5CVSS6.9AI score0.03218EPSS
Exploits0References4
Tenable Nessus
Tenable Nessus
added 2009/01/29 12:0 a.m.29 views

RHEL 4 / 5 : ntp (RHSA-2009:0046)

Updated ntp packages to correct a security issue are now available for Red Hat Enterprise Linux 4 and 5. This update has been rated as having moderate security impact by the Red Hat Security Response Team. The Network Time Protocol NTP is used to synchronize a computer's time with a referenced ti...

7.5CVSS7.2AI score0.05146EPSS
Exploits6References13
Check Point Advisories
Check Point Advisories
added 2009/01/25 12:0 a.m.3 views

Update Protection against Multiple Vendors NTP Mode 7 Denial of Service

A denial of service vulnerability exists in the Network Time Protocol NTP, a product shipped by many vendors. The vulnerability is due to incorrect handling of mode 7 MODEPRIVATE requests. A remote unauthenticated attacker can exploit this vulnerability by sending a maliciously crafted mode 7...

6.4CVSS6.6AI score0.32288EPSS
Exploits3
Fedora
Fedora
added 2009/01/24 2:34 a.m.31 views

[SECURITY] Fedora 10 Update: ntp-4.2.4p6-1.fc10

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

5.8CVSS1.1AI score0.05146EPSS
Exploits1
Fedora
Fedora
added 2009/01/24 2:32 a.m.43 views

[SECURITY] Fedora 9 Update: ntp-4.2.4p6-1.fc9

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl...

5.8CVSS1.1AI score0.05146EPSS
Exploits1
OpenVAS
OpenVAS
added 2009/01/20 12:0 a.m.34 views

FreeBSD Security Advisory (FreeBSD-SA-09:03.ntpd.asc)

The remote host is missing an update to the system as announced in the referenced advisory FreeBSD-SA-09:03.ntpd.asc ADV FreeBSD-SA-09:03.ntpd.asc OpenVAS Vulnerability Test $ Description: Auto generated from ADV FreeBSD-SA-09:03.ntpd.asc Authors: Thomas Reinke Copyright: Copyright c 2009 E-Soft...

5CVSS7.7AI score0.03218EPSS
Exploits0
Tenable Nessus
Tenable Nessus
added 2009/01/14 12:0 a.m.27 views

Debian DSA-1702-1 : ntp - interpretation conflict

It has been discovered that NTP, an implementation of the Network Time Protocol, does not properly check the result of an OpenSSL function for verifying cryptographic signatures, which may ultimately lead to the acceptance of unauthenticated time information. Note that cryptographic authenticatio...

7.5CVSS7.2AI score0.05146EPSS
Exploits6References13
Debian
Debian
added 2009/01/12 8:34 p.m.26 views

[SECURITY] [DSA 1702-1] New ntp packages fix cryptographic weakness

------------------------------------------------------------------------ Debian Security Advisory DSA-1702-1 [email protected] http://www.debian.org/security/ Florian Weimer January 12, 2009 http://www.debian.org/security/faq -...

5CVSS6.5AI score0.03218EPSS
Exploits0
Rows per page
Query Builder