[Forgot Password]
Login  Register Subscribe

30389

 
 

423868

 
 

244411

 
 

909

 
 

193363

 
 

277

Paid content will be excluded from the download.


Download | Alert*
OVAL

CESA-2016:0063 -- centos 6 ntp

ID: oval:org.secpod.oval:def:203825Date: (C)2016-02-16   (M)2024-01-29
Class: PATCHFamily: unix




The Network Time Protocol is used to synchronize a computer"s time with a referenced time source. It was discovered that ntpd as a client did not correctly check the originate timestamp in received packets. A remote attacker could use this flaw to send a crafted packet to an ntpd client that would effectively disable synchronization with the server, or push arbitrary offset/delay measurements to modify the time on the client. All ntp users are advised to upgrade to these updated packages, which contain a backported patch to resolve this issue. After installing the update, the ntpd daemon will restart automatically.

Platform:
CentOS 6
Product:
ntp
Reference:
CESA-2016:0063
CVE-2015-8138
CVE    1
CVE-2015-8138
CPE    2
cpe:/a:ntp:ntp
cpe:/o:centos:centos:6

© SecPod Technologies