Download
| Alert*
oval:org.secpod.oval:def:41172
ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:42245 The host is installed with Apple Mac OS X 10.8 before 10.13 and is prone a denial of service vulnerability. A flaw is present in the application, which fails to properly handle crafted ELF file. Successful exploitation could allow attackers to cause a denial of service (application crash) or possibl ... oval:org.secpod.oval:def:2100960 Stack-based buffer overflow in the Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via an application path on the command line. oval:org.secpod.oval:def:89044571 This ntp update to version 4.2.8p10 fixes the following issues: Security issues fixed : - CVE-2017-6464: Denial of Service via Malformed Config - CVE-2017-6462: Buffer Overflow in DPTS Clock - CVE-2017-6463: Authenticated DoS via Malicious Config Option - CVE-2017-6458: Potential Overflows in ctl_pu ... oval:org.secpod.oval:def:1000675 The remote host is missing a patch 143726-11 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1000710 The remote host is missing a patch 143725-11 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:89044561 This ntp update to version 4.2.8p10 fixes serveral issues. This updated enables leap smearing. See /usr/share/doc/packages/ntp/README.leapsmear for details. Security issues fixed : - CVE-2017-6464: Denial of Service via Malformed Config - CVE-2017-6462: Buffer Overflow in DPTS Clock - CVE-2017-6463: ... oval:org.secpod.oval:def:41174 ntp: Network Time Protocol daemon and utility programs Several security issues were fixed in NTP. oval:org.secpod.oval:def:42214 The host is missing a security update according to Apple advisory, APPLE-SA-2017-09-25-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... |