Lucene search
SuseSUSE-SU-2015:0322-1HistoryFeb 19, 2015 - 1:05 a.m.
Security update for xntp (important)
2015-02-1901:05:02
lists.opensuse.org
18
0.044 Low
EPSS
Percentile
91.6%
xntp has been updated to fix two security issues:
* CVE-2014-9298: ::1 can be spoofed on some OSes, so ACLs based on
IPv6 ::1 addresses can be bypassed (bnc#911792).
* CVE-2014-9297: vallen is not validated in several places in
ntp_crypto.c, leading to potential info leak (bnc#911792).
Security Issues:
* CVE-2014-9294
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9294</a>>
* CVE-2014-9293
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9293</a>>
* CVE-2014-9298
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9298">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9298</a>>
* CVE-2014-9297
<<a href="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9297">http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-9297</a>>
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| SUSE Linux Enterprise Server LTSS | 10.4 | i586 | xntp | < 4.2.4p3-48.27.1 | xntp-4.2.4p3-48.27.1.i586.rpm |
| SUSE Linux Enterprise Server LTSS | 10.4 | x86_64 | xntp | < 4.2.4p3-48.27.1 | xntp-4.2.4p3-48.27.1.x86_64.rpm |
| SUSE Linux Enterprise Server LTSS | 10.4 | s390x | xntp-doc | < 4.2.4p3-48.27.1 | xntp-doc-4.2.4p3-48.27.1.s390x.rpm |
| SUSE Linux Enterprise Server LTSS | 10.4 | s390x | xntp | < 4.2.4p3-48.27.1 | xntp-4.2.4p3-48.27.1.s390x.rpm |
| SUSE Linux Enterprise Server LTSS | 10.4 | x86_64 | xntp-doc | < 4.2.4p3-48.27.1 | xntp-doc-4.2.4p3-48.27.1.x86_64.rpm |
| SUSE Linux Enterprise Server LTSS | 10.4 | i586 | xntp-doc | < 4.2.4p3-48.27.1 | xntp-doc-4.2.4p3-48.27.1.i586.rpm |
Related
nessus
nessus
SUSE SLES10 Security Update : xntp (SUSE-SU-2015:0322-1)
2015-05-20 00:00:00
SuSE 11.3 Security Update : ntp (SAT Patch Number 10293)
2015-02-12 00:00:00
Mandriva Linux Security Advisory : ntp (MDVSA-2015:140)
2015-03-30 00:00:00
suse
suse
Security update for ntp (important)
2015-02-16 19:05:42
Security update for ntp (important)
2015-02-12 03:06:04
Security update for ntp (important)
2015-02-12 21:04:54
openvas
openvas
SUSE: Security Advisory (SUSE-SU-2015:0259-1)
2021-06-09 00:00:00
SUSE: Security Advisory for ntp (SUSE-SU-2015:0274-1)
2015-10-16 00:00:00
SUSE: Security Advisory (SUSE-SU-2015:0259-2)
2021-06-09 00:00:00
ibm
ibm
fedora
fedora
[SECURITY] Fedora 20 Update: ntp-4.2.6p5-20.fc20
2015-02-15 03:17:24
[SECURITY] Fedora 21 Update: ntp-4.2.6p5-27.fc21
2015-02-15 03:25:41
[SECURITY] Fedora 20 Update: ntp-4.2.6p5-22.fc20
2015-04-22 22:55:51
cisco
cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products
2014-12-22 16:00:00
cert
cert
ics
ics
Network Time Protocol Vulnerabilities (Update C)
2018-08-29 12:00:00
Network Time Protocol Vulnerabilities (Update B)
2018-09-10 12:00:00
Network Time Protocol Vulnerabilities (Supplement Update A)
2015-03-05 12:00:00
securityvulns
securityvulns
ntpd multiple security vulnerabilities
2015-02-11 00:00:00
[USN-2497-1] NTP vulnerabilities
2015-02-11 00:00:00
[SECURITY] [DSA 3108-1] ntp security update
2014-12-23 00:00:00
ubuntu
ubuntu
NTP vulnerabilities
2015-02-09 00:00:00
NTP vulnerabilities
2014-12-22 00:00:00
debian
debian
[SECURITY] [DLA 149-1] ntp security update
2015-02-07 15:26:18
[SECURITY] [DSA 3154-1] ntp security update
2015-02-05 21:13:52
[SECURITY] [DSA 3154-1] ntp security update
2015-02-05 21:13:52
mageia
mageia
Updated ntp packages fix security vulnerabilities
2015-02-11 23:47:51
Updated ntp packages fix security vulnerabilities
2014-12-20 16:51:12
osv
osv
ntp - security update
2015-02-07 00:00:00
ntp - security update
2014-12-20 00:00:00
ntp - security update
2014-12-20 00:00:00
archlinux
archlinux
ntp: multiple issues
2015-02-06 00:00:00
ntp: multiple issues
2014-12-22 00:00:00
amazon
amazon
Medium: ntp
2015-03-23 08:31:00
Important: ntp
2014-12-19 14:00:00
redhat
redhat
(RHSA-2014:2025) Important: ntp security update
2014-12-20 00:00:00
(RHSA-2014:2024) Important: ntp security update
2014-12-20 00:00:00
(RHSA-2015:0104) Important: ntp security update
2015-01-28 00:00:00
aix
aix
oraclelinux
oraclelinux
ntp security update
2014-12-20 00:00:00
ntp security update
2014-12-20 00:00:00
ntp security, bug fix, and enhancement update
2015-07-28 00:00:00
centos
centos
ntp security update
2014-12-20 03:00:03
ntp, ntpdate, sntp security update
2014-12-20 02:57:22
ntp, ntpdate security update
2015-07-26 14:13:05
citrix
citrix
Citrix Security Advisory for NTP Vulnerabilities
2015-01-05 04:00:00
slackware
slackware
[slackware-security] ntp
2014-12-23 05:38:39
arista
arista
Security Advisory 0008
2015-01-09 00:00:00
checkpoint_security
checkpoint_security
veracode
veracode
Authentication Bypass
2019-05-02 05:06:19
Weak Authentication
2019-05-02 05:06:18
Arbitrary Code Execution
2019-05-02 05:06:18
freebsd
freebsd
ntp -- multiple vulnerabilities
2014-12-19 00:00:00
gentoo
gentoo
NTP: Multiple vulnerabilities
2014-12-24 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-14:31.ntp
2014-12-23 00:00:00
f5
f5
SOL15934 - NTP vulnerability CVE-2014-9293
2014-12-23 00:00:00
K15934 : NTP vulnerability CVE-2014-9293
2015-04-22 00:00:00
K15935 : NTP vulnerability CVE-2014-9294
2015-09-17 00:00:00
prion
prion
Design/Logic Flaw
2014-12-20 02:59:00
Design/Logic Flaw
2014-12-20 02:59:00
cve
cve
CVE-2014-9293
2014-12-20 02:59:00
CVE-2014-9294
2014-12-20 02:59:00
ubuntucve
ubuntucve
debiancve
debiancve
CVE-2014-9293
2014-12-20 02:59:00
CVE-2014-9294
2014-12-20 02:59:00