CVE-2018-8956

ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or control a slave in that...

FreeBSD-SA-20:09.ntp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:09.ntp Security Advisory The FreeBSD Project Topic: Multiple denial of service in ntpd Category: contrib Module: ntp Announced: 2020-03-19 Credits: Philippe...

Fedora: Security Advisory for systemd (FEDORA-2020-f8e267d6d0)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

[SECURITY] Fedora 30 Update: systemd-241-12.git1e19bcd.fc30

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...

[SECURITY] Fedora 30 Update: ntp-4.2.8p13-1.fc30

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts are in the ntp-perl package, ntpdate is in...

Yi Home Camera Firmware Downgrade Vulnerability

Yi Home Camera is an IoT home camera sold worldwide. A firmware downgrade vulnerability exists in the time synchronization feature of the Yi Home Camera 27US 1.8.7.0D. An attacker can cause a buffer overflow by intercepting and altering network traffic and exploiting the vulnerability via special...

Yi Technology Home Camera 27US TimeSync Code Execution Vulnerability

Summary An exploitable firmware downgrade vulnerability exists in the time syncing functionality of Yi Home Camera 27US 1.8.7.0D. A specially crafted packet can cause a buffer overflow, resulting in code execution. An attacker can intercept and alter network traffic to trigger this vulnerability...

CVE-2018-0473

A vulnerability in the Precision Time Protocol PTP subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could explo...

Design/Logic Flaw

A vulnerability in the Precision Time Protocol PTP subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could explo...

CVE-2018-0473 Cisco IOS Software Precision Time Protocol Denial of Service Vulnerability

A vulnerability in the Precision Time Protocol PTP subsystem of Cisco IOS Software could allow an unauthenticated, remote attacker to cause a denial of service DoS condition of the Precision Time Protocol. The vulnerability is due to insufficient processing of PTP packets. An attacker could explo...

Design/Logic Flaw

A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to the device could cause a Denial-of-Service condition by sending certain packets to the device, causing potential reboots of the device. The core functionality of th...

CVE-2018-4851

A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to the device could cause a Denial-of-Service condition by sending certain packets to the device, causing potential reboots of the device. The core functionality of th...

CVE-2018-4851

A vulnerability has been identified in SICLOCK TC100 All versions and SICLOCK TC400 All versions. An attacker with network access to the device could cause a Denial-of-Service condition by sending certain packets to the device, causing potential reboots of the device. The core functionality of th...

CVE-2018-4851

The CVE-2018-4851 issue affects Siemens SICLOCK TC100 and TC400 (all versions). An attacker with network access can trigger a Denial-of-Service by sending specific packets, potentially rebooting the device and impacting core functionality. Time-serving resumes after time synchronization with GPS ...

FreeBSD-SA-18:02.ntp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-18:02.ntp Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities of ntp Category: contrib Module: ntp Announced: 2018-03-07 Credits: Network Time...

CentOS 6 : ntp (CESA-2017:3071)

An update for ntp is now available for Red Hat Enterprise Linux 6. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

RedHat Update for ntp RHSA-2017:3071-01

The remote host is missing an update for the SPDX-FileCopyrightText: 2017 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

Tor: Cross-domain linkability when system time changed in Tor Browser

This report is inspired by 257942. That report uses languagechange event as an indicator for different tabs to link multiple visits to a single user. This report uses another trick to achieve the same thing. Malicious websites keeps reading Date.now inside a setInterval loop with a short interval...

RHEL 7 : kernel (RHSA-2017:2770)

The remote Redhat Enterprise Linux 7 host has packages installed that are affected by a vulnerability as referenced in the RHSA-2017:2770 advisory. The kernel packages contain the Linux kernel, the core of any Linux operating system. Security Fixes: A race condition was found in the Linux kernel,...

Important: Red Hat Security Advisory: kernel security and bug fix update

An update for kernel is now available for Red Hat Enterprise Linux 7.3 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for...