Bugs fixes in "ntp"
Origin | Bug number | Title | Date fixed |
---|---|---|---|
CVE | CVE-2016-4955 | ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association | 2016-10-05 |
CVE | CVE-2016-4954 | The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modi | 2016-10-05 |
CVE | CVE-2016-2518 | Crafted addpeer with hmode > 7 causes out-of-bounds reference | 2016-10-05 |
CVE | CVE-2016-2516 | Duplicate IPs on unconfig directives will cause an assertion failure | 2016-10-05 |
CVE | CVE-2016-1550 | Timing attack for authenticated packets | 2016-10-05 |
CVE | CVE-2016-1548 | Change the time of an ntpd client or deny service to an ntpd client by forcing it to change from basic client/server mode to interleaved symmetric mo | 2016-10-05 |
CVE | CVE-2016-0727 | NTP statsdir cleanup cronjob insecure | 2016-10-05 |
CVE | CVE-2015-8158 | Potential Infinite Loop in ntpq | 2016-10-05 |
CVE | CVE-2015-8138 | ntp: missing check for zero originate timestamp | 2016-10-05 |
CVE | CVE-2016-1547 | Validate crypto-NAKs | 2016-10-05 |
CVE | CVE-2015-7979 | Off-path Denial of Service (DoS) attack on authenticated broadcast mode | 2016-10-05 |
CVE | CVE-2015-7978 | Stack exhaustion in recursive traversal of restriction list | 2016-10-05 |
CVE | CVE-2015-7977 | reslist NULL pointer dereference | 2016-10-05 |
CVE | CVE-2015-7976 | ntpq saveconfig command allows dangerous characters in filenames | 2016-10-05 |
CVE | CVE-2015-7975 | nextvar() missing length check | 2016-10-05 |
CVE | CVE-2015-7974 | NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remot | 2016-10-05 |
CVE | CVE-2015-7973 | Deja Vu: Replay attack on authenticated broadcast mode | 2016-10-05 |
Launchpad | 1528050 | NTP statsdir cleanup cronjob insecure | 2016-10-05 |
CVE | CVE-2016-4956 | ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (interleaved-mode transition and time change) via a spoofed broad | 2016-10-05 |
CVE | CVE-2016-4955 | ntpd in NTP 4.x before 4.2.8p8, when autokey is enabled, allows remote attackers to cause a denial of service (peer-variable clearing and association | 2016-10-05 |
About
-
Send Feedback to @ubuntu_updates