27 matches found
EUVD-2025-30196
Malicious code in bioql PyPI...
Linux Distros Unpatched Vulnerability : CVE-2020-13817
The Linux/Unix host has one or more packages installed that are impacted by a vulnerability without a vendor supplied patch available. - ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service daemon exit or system time change by predicting transm...
SUSE: Security Advisory (SUSE-SU-2018:3352-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:3386-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
SUSE: Security Advisory (SUSE-SU-2018:3351-1)
The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
UBUNTU-CVE-2020-13817
ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service daemon exit or system time change by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path...
SUSE SLES15 Security Update : ntp (SUSE-SU-2018:3386-1)
NTP was updated to 4.2.8p12 bsc1111853 : CVE-2018-12327: Fixed stack-based buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...
Security update for ntp (moderate)
NTP was updated to 4.2.8p12 bsc1111853: - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...
Security update for ntp (moderate)
This update for NTP to version 4.2.8p12 fixes the following vulnerabilities bsc1111853: - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing...
SUSE SLES12 Security Update : ntp (SUSE-SU-2018:3351-1)
NTP was updated to 4.2.8p12 bsc1111853 : CVE-2018-12327: Fixed stack-based buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...
SUSE SLES11 Security Update : ntp (SUSE-SU-2018:3352-1)
NTP was updated to 4.2.8p12 bsc1111853 : CVE-2018-12327: Fixed stack-based buffer overflow in the openhost command-line call of NTPQ/NTPDC. bsc1098531 CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection bsc1083424 Please also see...
Amazon Linux 2 : ntp (ALAS-2018-1009)
Ephemeral association time spoofing additional protection ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clo...
Amazon Linux AMI : ntp (ALAS-2018-1009)
Ephemeral association time spoofing additional protection ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim's clo...
Network Time Protocol Forced Interleaved Time Spoofing Vulnerability(CVE-2016-1548)
SUMMARY It is possible to change the time of an ntpd client or deny service to an ntpd client by forcing it to change from basic client/server mode to interleaved symmetric mode. An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer-dst...
The NTP daemon has a number of vulnerabilities need to fix-vulnerability warning-the black bar safety net
! Cisco to the Linux Foundation's Core Infrastructure implementation plan submitted by a number of the Network Time Protocol daemon vulnerability. They can allow an attacker to forge a UDP packet, causing a denial of service;or stop to set the correct time. Cisco's Talos security intelligence and...
Network Time Protocol Ephemeral Association Time Spoofing Vulnerability
SUMMARY ntpd is vulnerable to Sybil attacks. A malicious authenticated peer can create arbitrarily-many ephemeral associations in order to win ntpd’s clock selection algorithm and modify a victim’s clock. TESTED VERSIONS NTP 4.2.8p3 NTP 4.2.8p4 NTPsec 3e160db8dc248a0bcb053b56a80167dc742d2b74 NTPs...
CVE-2015-3757
Apple OS X before 10.10.5 does not properly restrict access to the Date & Time preferences pane, which allows local users to spoof the time by visiting this pane...
CVE-2012-3737
The Passcode Lock implementation in Apple iOS before 6 does not properly restrict photo viewing, which allows physically proximate attackers to view arbitrary stored photos by spoofing a time value...
Scientific Linux Security Update : ntp on SL4.x, SL5.x i386/x86_64
A flaw was discovered in the way the ntpd daemon checked the return value of the OpenSSL EVPVerifyFinal function. On systems using NTPv4 authentication, this could lead to an incorrect verification of cryptographic signatures, allowing time-spoofing attacks. CVE-2009-0021 Note: This issue only...
CentOS Update for ntp CESA-2009:0046 centos5 i386
The remote host is missing an update for the SPDX-FileCopyrightText: 2011 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription scriptxrefname:"URL",...