Download
| Alert*
oval:org.secpod.oval:def:1600689
Denial of Service via Malformed Config:A vulnerability was discovered in the NTP servers parsing of configuration directives. A remote, authenticated attacker could cause ntpd to crash by sending a crafted message.Potential Overflows in ctl_put functions:A vulnerability was found in NTP, in the buil ... oval:org.secpod.oval:def:112219 The Network Time Protocol is used to synchronize a computer's time with another reference time source. This package includes ntpd and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl package, ntpdate is in the ntpdate package and snt ... oval:org.secpod.oval:def:112268 The Network Time Protocol is used to synchronize a computers time with another reference time source. This package includes ntpd and utilities used to query and configure the ntpd daemon. Perl scripts ntp-wait and ntptrace are in the ntp-perl package, ntpdate is in the ntpdate package and sntp is ... oval:org.secpod.oval:def:89044571 This ntp update to version 4.2.8p10 fixes the following issues: Security issues fixed : - CVE-2017-6464: Denial of Service via Malformed Config - CVE-2017-6462: Buffer Overflow in DPTS Clock - CVE-2017-6463: Authenticated DoS via Malicious Config Option - CVE-2017-6458: Potential Overflows in ctl_pu ... oval:org.secpod.oval:def:1000675 The remote host is missing a patch 143726-11 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:1000710 The remote host is missing a patch 143725-11 containing a security fix. For more information please visit the reference link. oval:org.secpod.oval:def:42236 The host is installed with Apple Mac OS X 10.8 before 10.13 and is prone to an unspecified vulnerability. A flaw is present in the application, which fails to properly handle unspecified vectors. Successful exploitation could allow attackers to crash the service. oval:org.secpod.oval:def:89044561 This ntp update to version 4.2.8p10 fixes serveral issues. This updated enables leap smearing. See /usr/share/doc/packages/ntp/README.leapsmear for details. Security issues fixed : - CVE-2017-6464: Denial of Service via Malformed Config - CVE-2017-6462: Buffer Overflow in DPTS Clock - CVE-2017-6463: ... oval:org.secpod.oval:def:2100960 Stack-based buffer overflow in the Windows installer for NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows local users to have unspecified impact via an application path on the command line. oval:org.secpod.oval:def:1100544 The remote host is missing a patch containing a security fix, which affects the following packages: ntp.rte, bos.net.tcp.ntpd, bos.net.tcp.ntp and bos.net.tcp.client. For more information please visit vendor advisory link. oval:org.secpod.oval:def:42214 The host is missing a security update according to Apple advisory, APPLE-SA-2017-09-25-1. The update is required to fix multiple vulnerabilities. The flaws are present in the application, which fails to properly handle crafted data. Successful exploitation could allow attackers to execute arbitrary ... |