Anfälligkeitssuche        Suche in 211766 CVE Beschreibungen
und 97459 Test Beschreibungen,
Zugriff auf 10,000+ Quellverweise.
Tests   CVE   Alle  

Test Kennung:1.3.6.1.4.1.25623.1.1.4.2018.0808.1
Kategorie:SuSE Local Security Checks
Titel:SUSE: Security Advisory (SUSE-SU-2018:0808-1)
Zusammenfassung:The remote host is missing an update for the 'ntp' package(s) announced via the SUSE-SU-2018:0808-1 advisory.
Beschreibung:Summary:
The remote host is missing an update for the 'ntp' package(s) announced via the SUSE-SU-2018:0808-1 advisory.

Vulnerability Insight:
This update for ntp fixes the following issues:
Security issues fixed:
- CVE-2016-1549: Significant additional protections against CVE-2016-1549
that was fixed in ntp-4.2.8p7 (bsc#1082210).
- CVE-2018-7170: Ephemeral association time spoofing additional protection
(bsc#1083424).
- CVE-2018-7182: Buffer read overrun leads information leak in
ctl_getitem() (bsc#1083426).
- CVE-2018-7183: decodearr() can write beyond its buffer limit
(bsc#1083417).
- CVE-2018-7184: Interleaved symmetric mode cannot recover from bad state
(bsc#1083422).
- CVE-2018-7185: Unauthenticated packet can reset authenticated
interleaved association (bsc#1083420).
Bug fixes:
- bsc#1077445: Don't use libevent's cached time stamps in sntp.
- Disable CMAC in ntp when building against a version of OpenSSL that
doesn't support it.

Affected Software/OS:
'ntp' package(s) on SUSE Linux Enterprise Server 11-SP4, SUSE Linux Enterprise Debuginfo 11-SP4

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Querverweis: Common Vulnerability Exposure (CVE) ID: CVE-2016-1549
BugTraq ID: 88200
http://www.securityfocus.com/bid/88200
FreeBSD Security Advisory: FreeBSD-SA-18:02
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc
https://security.gentoo.org/glsa/201607-15
http://www.talosintelligence.com/reports/TALOS-2016-0083/
http://www.securitytracker.com/id/1035705
Common Vulnerability Exposure (CVE) ID: CVE-2018-7170
BugTraq ID: 103194
http://www.securityfocus.com/bid/103194
Bugtraq: 20180301 [Newsletter/Marketing] [slackware-security] ntp (SSA:2018-060-02) (Google Search)
http://www.securityfocus.com/archive/1/541824/100/0/threaded
https://security.FreeBSD.org/advisories/FreeBSD-SA-18:02.ntp.asc
https://security.gentoo.org/glsa/201805-12
http://packetstormsecurity.com/files/146631/Slackware-Security-Advisory-ntp-Updates.html
https://bugzilla.redhat.com/show_bug.cgi?id=1550214
Common Vulnerability Exposure (CVE) ID: CVE-2018-7182
BugTraq ID: 103191
http://www.securityfocus.com/bid/103191
https://www.exploit-db.com/exploits/45846/
https://usn.ubuntu.com/3707-1/
Common Vulnerability Exposure (CVE) ID: CVE-2018-7183
BugTraq ID: 103351
http://www.securityfocus.com/bid/103351
https://usn.ubuntu.com/3707-2/
Common Vulnerability Exposure (CVE) ID: CVE-2018-7184
BugTraq ID: 103192
http://www.securityfocus.com/bid/103192
Common Vulnerability Exposure (CVE) ID: CVE-2018-7185
BugTraq ID: 103339
http://www.securityfocus.com/bid/103339
https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

Dies ist nur einer von 97459 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus.

Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.




© 1998-2021 E-Soft Inc. Alle Rechte vorbehalten.