Download
| Alert*
oval:org.secpod.oval:def:89002375
This update for ntp fixes the following issues: - Update to 4.2.8p11 : * CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. * CVE-2018-7182: ctl_getitem: buffer read overrun leads to u ... oval:org.secpod.oval:def:89002454 This update for ntp fixes the following issues: - Update to 4.2.8p11 : * CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. * CVE-2018-7182: ctl_getitem: buffer read overrun leads to u ... oval:org.secpod.oval:def:114206 The Network Time Protocol is used to synchronize a computer's time with another reference time source. This package includes ntpd and utilities used to query and configure the ntpd daemon. Perl scripts are in the ntp-perl package, ntpdate is in the ntpdate package and sntp is in the sntp packa ... oval:org.secpod.oval:def:89002137 This update for ntp fixes the following issues: - Update to 4.2.8p11 : * CVE-2016-1549: Sybil vulnerability: ephemeral association attack. While fixed in ntp-4.2.8p7, there are significant additional protections for this issue in 4.2.8p11. * CVE-2018-7182: ctl_getitem: buffer read overrun leads to u ... oval:org.secpod.oval:def:115130 The Network Time Protocol is used to synchronize a computer's time with another reference time source. This package includes ntpd and utilities used to query and configure the ntpd daemon. Perl scripts are in the ntp-perl package, ntpdate is in the ntpdate package and sntp is in the sntp packa ... oval:org.secpod.oval:def:1100516 The remote host is missing a patch containing a security fix, which affects the following packages: bos.net.tcp.client and ntp.rte. For more information please visit vendor advisory link. oval:org.secpod.oval:def:1000508 The remote host is missing a patch 143726-12 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:114196 The Network Time Protocol is used to synchronize a computer's time with another reference time source. This package includes ntpd and utilities used to query and configure the ntpd daemon. Perl scripts are in the ntp-perl package, ntpdate is in the ntpdate package and sntp is in the sntp packa ... oval:org.secpod.oval:def:89002061 This update for ntp fixes the following issues: Security issues fixed: - CVE-2016-1549: Significant additional protections against CVE-2016-1549 that was fixed in ntp-4.2.8p7 . - CVE-2018-7170: Ephemeral association time spoofing additional protection . - CVE-2018-7182: Buffer read overrun leads inf ... oval:org.secpod.oval:def:1000569 The remote host is missing a patch 143725-12 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1900085 ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim"s clock via a Sybil attack. This issue exists because of an incomp ... oval:org.secpod.oval:def:2102302 ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim"s clock via a Sybil attack. This issue exists because of an incomp ... oval:org.secpod.oval:def:89002455 NTP was updated to 4.2.8p12 : - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection Please also see https://www.nwtime.org/network-time- ... oval:org.secpod.oval:def:2000845 ntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim"s clock via a Sybil attack. This issue exists because of an incomp ... oval:org.secpod.oval:def:60362 The remote host is missing a patch containing a security fix, which affects the following packages: ntp.rte. For more information please visit vendor advisory link. oval:org.secpod.oval:def:89002400 NTP was updated to 4.2.8p12 : - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection Please also see https://www.nwtime.org/network-time- ... oval:org.secpod.oval:def:1600928 ntpd in ntp 4.2.x before 4.2.8p7 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim#039;s clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-201 ... oval:org.secpod.oval:def:1600883 Ephemeral association time spoofing additional protectionntpd in ntp 4.2.x before 4.2.8p7 and 4.3.x before 4.3.92 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim#039;s clo ... |