UbuntuUpdates.org

Bugs fixes in "ntp"

Origin Bug number Title Date fixed
CVE CVE-2016-4954 The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modi 2016-10-05
CVE CVE-2016-2518 Crafted addpeer with hmode > 7 causes out-of-bounds reference 2016-10-05
CVE CVE-2016-2516 Duplicate IPs on unconfig directives will cause an assertion failure 2016-10-05
CVE CVE-2016-1550 Timing attack for authenticated packets 2016-10-05
CVE CVE-2016-1548 Change the time of an ntpd client or deny service to an ntpd client by forcing it to change from basic client/server mode to interleaved symmetric mo 2016-10-05
CVE CVE-2016-0727 NTP statsdir cleanup cronjob insecure 2016-10-05
CVE CVE-2015-8158 Potential Infinite Loop in ntpq 2016-10-05
CVE CVE-2015-8138 ntp: missing check for zero originate timestamp 2016-10-05
CVE CVE-2016-1547 Validate crypto-NAKs 2016-10-05
CVE CVE-2015-7979 Off-path Denial of Service (DoS) attack on authenticated broadcast mode 2016-10-05
CVE CVE-2015-7978 Stack exhaustion in recursive traversal of restriction list 2016-10-05
CVE CVE-2015-7977 reslist NULL pointer dereference 2016-10-05
CVE CVE-2015-7976 ntpq saveconfig command allows dangerous characters in filenames 2016-10-05
CVE CVE-2015-7975 nextvar() missing length check 2016-10-05
CVE CVE-2015-7974 NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remot 2016-10-05
CVE CVE-2015-7973 Deja Vu: Replay attack on authenticated broadcast mode 2016-10-05
Launchpad 1528050 NTP statsdir cleanup cronjob insecure 2016-10-05
Launchpad 1576698 ntpdate-debian not working 2016-10-04
Launchpad 1576698 ntpdate-debian not working 2016-09-21
Launchpad 1567540 ntpd crashed with SIGABRT (was: ntp crashes everytime the network goes up or down.) 2016-08-24



About   -   Send Feedback to @ubuntu_updates