openGauss: Configuring an NTP Server

The Network Time Protocol NTP is used to synchronize time between clients and servers on the network. By configuring an NTP, you can synchronize the clock of a PC to the Coordinated Universal Time UTC and synchronize system clocks of multiple OSs. Copyright C 2020 Greenbone Networks GmbH Some tex...

[SECURITY] Fedora 32 Update: chrony-3.5.1-1.fc32

chrony is a versatile implementation of the Network Time Protocol NTP. It can synchronise the system clock with NTP servers, reference clocks e.g. GPS receiver, and manual input using wristwatch and keyboard. It can also operate as an NTPv4 RFC 5905 server and peer to provide a time service to...

Medium: ntp

Issue Overview: ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service daemon exit or system time change by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be ...

SUSE-SU-2020:1823-1 Security update for ntp

This update for ntp fixes the following issues: ntp was updated to 4.2.8p15 - CVE-2020-11868: Fixed an issue which a server mode packet with spoofed source address frequently send to the client ntpd could have caused denial of service bsc1169740. - CVE-2018-8956: Fixed an issue which could have...

[SECURITY] Fedora 32 Update: ntp-4.2.8p15-1.fc32

The Network Time Protocol NTP is used to synchronize a computer's time with another reference time source. This package includes ntpd a daemon which continuously adjusts system time and utilities used to query and configure the ntpd daemon. Perl scripts are in the ntp-perl package, ntpdate is in...

Fedora: Security Advisory for ntp (FEDORA-2020-a0b39d58db)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

Moderate: Red Hat Security Advisory: ntp security update

An update for ntp is now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is available for each vulnerability from the CV...

DEBIAN-CVE-2020-13817

ntpd in ntp before 4.2.8p14 and 4.3.x before 4.3.100 allows remote attackers to cause a denial of service daemon exit or system time change by predicting transmit timestamps for use in spoofed packets. The victim must be relying on unauthenticated IPv4 time sources. There must be an off-path...

GE Grid Solutions Reason RT Clocks

1. EXECUTIVE SUMMARY CVSS v3 9.6 ATTENTION: Low skill level to exploit/exploitable remotely Vendor: GE Equipment: Grid Solutions Reason RT Clocks Vulnerability: Missing Authentication for Critical Function 2. RISK EVALUATION Successful exploitation of this vulnerability could allow access to...

CVE-2018-8956

ntpd in ntp 4.2.8p10, 4.2.8p11, 4.2.8p12 and 4.2.8p13 allow remote attackers to prevent a broadcast client from synchronizing its clock with a broadcast NTP server via soofed mode 3 and mode 5 packets. The attacker must either be a part of the same broadcast network or control a slave in that...

Time synchronization issues on Windows VMs with the 9.x Citrix VM Tools

On Windows VMs with the xeniface 9.0.0.11 or 9.1.0.4 driver installed, the VM time can become unsynchronized when the time set by the Citrix VM Tools conflicts with the Windows VM's own time synchronization for example, using Active Directory or NTP...

FreeBSD-SA-20:09.ntp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-20:09.ntp Security Advisory The FreeBSD Project Topic: Multiple denial of service in ntpd Category: contrib Module: ntp Announced: 2020-03-19 Credits: Philippe...

Fedora: Security Advisory for systemd (FEDORA-2020-f8e267d6d0)

The remote host is missing an update for the Copyright C 2020 Greenbone Networks GmbH Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-or-later This program is free software; you can...

SQL Injection Vulnerability in ba***.php File of Kindergarten Online Management System

Xianqi Kindergarten Online Management System is a kindergarten online management system that supports real-time synchronization of data between smartphone APP and computer. A SQL injection vulnerability exists in the ba.php file of the kindergarten online management system. An attacker can exploi...

[SECURITY] Fedora 31 Update: systemd-243.4-1.fc31

systemd is a system and service manager that runs as PID 1 and starts the rest of the system. It provides aggressive parallelization capabilities, uses socket and D-Bus activation for starting services, offers on-demand starting of daemons, keeps track of processes using Linux control groups,...

Siemens Cp1604 Uncontrolled Resource Consumption

A vulnerability has been identified in CP1604 All versions V2.8, CP1616 All versions V2.8, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller All versions V4.1.1 Patch 05, Development/Evaluation Kits for PROFINET IO: EK-ERTEC 200 All versions V4.5.0 Patch 01,...

CVE-2019-10923

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization IRT of the affected installation...

CVE-2019-10923

An attacker with network access to an affected product may cause a denial of service condition by breaking the real-time synchronization IRT of the affected installation...

Design/Logic Flaw

A vulnerability has been identified in SIMATIC S7-400 CPU 414-3 PN/DP V7, SIMATIC S7-400 CPU 414F-3 PN/DP V7, SIMATIC S7-400 CPU 416-3 PN/DP V7, SIMATIC S7-400 CPU 416F-3 PN/DP V7, Development/Evaluation Kits for PROFINET IO: DK Standard Ethernet Controller, Development/Evaluation Kits for PROFIN...

CVE-2019-10923

CVE-2019-10923 affects Siemens Industrial Real-Time devices (e.g., CP1604/CP1616, PROFINET IO DK/EK-ERTEC kits, SCALANCE X‑200IRT, ET200 family, SIMATIC S7-300/400 CPUs, ET200S/ET200M, etc.). A remote attacker with network access can cause a denial of service by breaking the real‑time synchroniza...