Download
| Alert*
oval:org.secpod.oval:def:500638
The Network Time Protocol is used to synchronize a computer"s time with a referenced time source. A buffer overflow flaw was discovered in the ntpd daemon"s NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use th ... oval:org.secpod.oval:def:202189 The Network Time Protocol is used to synchronize a computer"s time with a referenced time source. A buffer overflow flaw was discovered in the ntpd daemon"s NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use th ... oval:org.secpod.oval:def:202084 The Network Time Protocol is used to synchronize a computer"s time with a referenced time source. A buffer overflow flaw was discovered in the ntpd daemon"s NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use th ... oval:org.secpod.oval:def:114206 The Network Time Protocol is used to synchronize a computer's time with another reference time source. This package includes ntpd and utilities used to query and configure the ntpd daemon. Perl scripts are in the ntp-perl package, ntpdate is in the ntpdate package and sntp is in the sntp packa ... oval:org.secpod.oval:def:37674 ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:115130 The Network Time Protocol is used to synchronize a computer's time with another reference time source. This package includes ntpd and utilities used to query and configure the ntpd daemon. Perl scripts are in the ntp-perl package, ntpdate is in the ntpdate package and sntp is in the sntp packa ... oval:org.secpod.oval:def:400748 ntp was updated to version 4.2.8p8 to fix 17 security issues. These security issues were fixed: - CVE-2016-4956: Broadcast interleave . - CVE-2016-2518: Crafted addpeer with hmode > 7 causes array wraparound with MATCH_ASSOC . - CVE-2016-2519: ctl_getitem return value not always checked . - CVE-2 ... oval:org.secpod.oval:def:602572 Several vulnerabilities were discovered in the Network Time Protocol daemon and utility programs: CVE-2015-7974 Matt Street discovered that insufficient key validation allows impersonation attacks between authenticated peers. CVE-2015-7977 / CVE-2015-7978 Stephen Gray discovered that a NULL pointer ... oval:org.secpod.oval:def:114196 The Network Time Protocol is used to synchronize a computer's time with another reference time source. This package includes ntpd and utilities used to query and configure the ntpd daemon. Perl scripts are in the ntp-perl package, ntpdate is in the ntpdate package and sntp is in the sntp packa ... oval:org.secpod.oval:def:204167 The Network Time Protocol is used to synchronize a computer"s time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: * It was found that the fix for CVE-2014-9 ... oval:org.secpod.oval:def:400712 ntp was updated to version 4.2.8p8 to fix five security issues. These security issues were fixed: - CVE-2016-4953: Bad authentication demobilizes ephemeral associations . - CVE-2016-4954: Processing spoofed server packets . - CVE-2016-4955: Autokey association reset . - CVE-2016-4956: Broadcast inte ... oval:org.secpod.oval:def:501930 The Network Time Protocol is used to synchronize a computer"s time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: * It was found that the fix for CVE-2014-9 ... oval:org.secpod.oval:def:1501664 The Network Time Protocol is used to synchronize a computer"s time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: * It was found that when NTP was configure ... oval:org.secpod.oval:def:400710 This update for ntp to 4.2.8p7 fixes the following issues: * CVE-2016-1547, bsc#977459: Validate crypto-NAKs, AKA: CRYPTO-NAK DoS. * CVE-2016-1548, bsc#977461: Interleave-pivot * CVE-2016-1549, bsc#977451: Sybil vulnerability: ephemeral association attack. * CVE-2016-1550, bsc#977464: Improve NTP se ... oval:org.secpod.oval:def:400676 ntp was updated to version 4.2.8p6 to fix 28 security issues. Major functional changes: - The "sntp" commandline tool changed its option handling in a major way, some options have been renamed or dropped. - "controlkey 1" is added during update to ntp.conf to allow sntp to work. ... oval:org.secpod.oval:def:703298 ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:110183 The Network Time Protocol is used to synchronize a computer"s time with another reference time source. This package includes ntpd and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl package, ntpdate is in the ntpdate package and sntp is ... oval:org.secpod.oval:def:1600389 It was discovered that ntpd as a client did not correctly check the originate timestamp in received packets. A remote attacker could use this flaw to send a crafted packet to an ntpd client that would effectively disable synchronization with the server, or push arbitrary offset/delay measurements to ... oval:org.secpod.oval:def:51513 ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:1700033 Ephemeral association time spoofing additional protectionntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victims clock vi ... oval:org.secpod.oval:def:52812 ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:52613 ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:400775 ntp was updated to version 4.2.8p6 to fix 12 security issues. Also yast2-ntp-client was updated to match some sntp syntax changes. These security issues were fixed: - CVE-2015-8158: Fixed potential infinite loop in ntpq . - CVE-2015-8138: Zero Origin Timestamp Bypass . - CVE-2015-7979: Off-path Den ... oval:org.secpod.oval:def:2000845 ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim"s clock via a Sybil attack. This issue exists because of an incomp ... oval:org.secpod.oval:def:1900085 ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim"s clock via a Sybil attack. This issue exists because of an incomp ... oval:org.secpod.oval:def:1600928 ntpd in ntp 4.2.x before 4.2.8p7 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim#039;s clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-201 ... oval:org.secpod.oval:def:1600883 Ephemeral association time spoofing additional protectionntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim#039;s clo ... |