Download
| Alert*
|
oval:org.secpod.oval:def:115130
The Network Time Protocol is used to synchronize a computer's time with another reference time source. This package includes ntpd and utilities used to query and configure the ntpd daemon. Perl scripts are in the ntp-perl package, ntpdate is in the ntpdate package and sntp is in the sntp packa ... oval:org.secpod.oval:def:1901444 Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which ntpq ... oval:org.secpod.oval:def:70147 ntp - Network Time Protocol daemon and utility programs. A security issue was fixed in ntpq and ntpdc. oval:org.secpod.oval:def:89002400 NTP was updated to 4.2.8p12 : - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection Please also see https://www.nwtime.org/network-time- ... oval:org.secpod.oval:def:89002455 NTP was updated to 4.2.8p12 : - CVE-2018-12327: Fixed stack buffer overflow in the openhost command-line call of NTPQ/NTPDC. - CVE-2018-7170: Add further tweaks to improve the fix for the ephemeral association time spoofing additional protection Please also see https://www.nwtime.org/network-time- ... oval:org.secpod.oval:def:115035 The Network Time Protocol is used to synchronize a computer's time with another reference time source. This package includes ntpd and utilities used to query and configure the ntpd daemon. Perl scripts are in the ntp-perl package, ntpdate is in the ntpdate package and sntp is in the sntp packa ... oval:org.secpod.oval:def:1504241 [4.2.6p5-29.0.1] - Bump release to avoid ULN conflict with Oracle modified errata. [4.2.6p5-29] - fix CVE-2016-7429 patch to restore default ttl configuration - fix buffer overflow in parsing of address in ntpq and ntpdc - fix crash in parsing of received address in ntpq - avoid reading freed mem ... oval:org.secpod.oval:def:502588 The Network Time Protocol is used to synchronize a computer"s time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: * ntp: Stack-based buffer overflow in ntpq ... oval:org.secpod.oval:def:1600928 ntpd in ntp 4.2.x before 4.2.8p7 allows authenticated users that know the private symmetric key to create arbitrarily-many ephemeral associations in order to win the clock selection of ntpd and modify a victim#039;s clock via a Sybil attack. This issue exists because of an incomplete fix for CVE-201 ... oval:org.secpod.oval:def:1700278 The ntpq and ntpdc command-line utilities that are part of ntp package are vulnerable to stack-based buffer overflow via crafted hostname. Applications using these vulnerable utilities with an untrusted input may be potentially exploited, resulting in a crash or arbitrary code execution under privil ... oval:org.secpod.oval:def:68074 ntp - Network Time Protocol daemon and utility programs. A security issue was fixed in ntpq and ntpdc. oval:org.secpod.oval:def:205134 The Network Time Protocol is used to synchronize a computer"s time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: * ntp: Stack-based buffer overflow in ntpq ... oval:org.secpod.oval:def:503306 The Network Time Protocol is used to synchronize a computer"s time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: * ntp: Stack-based buffer overflow in ntpq ... oval:org.secpod.oval:def:2001095 Stack-based buffer overflow in ntpq and ntpdc of NTP version 4.2.8p11 allows an attacker to achieve code execution or escalate to higher privileges via a long string as the argument for an IPv4 or IPv6 command-line parameter. NOTE: It is unclear whether there are any common situations in which ntpq ... oval:org.secpod.oval:def:1502411 The advisory is missing the security advisory description. For more information please visit the reference link oval:org.secpod.oval:def:205318 The Network Time Protocol is used to synchronize a computer"s time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. Security Fix: * ntp: Stack-based buffer overflow in ntpq ... oval:org.secpod.oval:def:60362 The remote host is missing a patch containing a security fix, which affects the following packages: ntp.rte. For more information please visit vendor advisory link. |
