Search 211766 CVE descriptions
and 97459 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:
Category:SuSE Local Security Checks
Title:SUSE: Security Advisory (SUSE-SU-2016:1584-1)
Summary:The remote host is missing an update for the 'ntp' package(s) announced via the SUSE-SU-2016:1584-1 advisory.
The remote host is missing an update for the 'ntp' package(s) announced via the SUSE-SU-2016:1584-1 advisory.

Vulnerability Insight:
ntp was updated to version 4.2.8p8 to fix five security issues.
These security issues were fixed:
- CVE-2016-4953: Bad authentication demobilizes ephemeral associations
- CVE-2016-4954: Processing spoofed server packets (bsc#982066).
- CVE-2016-4955: Autokey association reset (bsc#982067).
- CVE-2016-4956: Broadcast interleave (bsc#982068).
- CVE-2016-4957: CRYPTO_NAK crash (bsc#982064).
These non-security issues were fixed:
- Keep the parent process alive until the daemon has finished
initialisation, to make sure that the PID file exists when the parent
- bsc#979302: Change the process name of the forking DNS worker process to
avoid the impression that ntpd is started twice.
- bsc#981422: Don't ignore SIGCHILD because it breaks wait().
- Separate the creation of ntp.keys and key #1 in it to avoid problems
when upgrading installations that have the file, but no key #1, which is
needed e.g. by 'rcntp addserver'.

Affected Software/OS:
'ntp' package(s) on SUSE Linux Enterprise Server 11-SP4, SUSE Linux Enterprise Debuginfo 11-SP4

Please install the updated package(s).

CVSS Score:

CVSS Vector:

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2016-4953
BugTraq ID: 91010
CERT/CC vulnerability note: VU#321640
FreeBSD Security Advisory: FreeBSD-SA-16:24
SuSE Security Announcement: SUSE-SU-2016:1563 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:1584 (Google Search)
SuSE Security Announcement: SUSE-SU-2016:1602 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:1583 (Google Search)
SuSE Security Announcement: openSUSE-SU-2016:1636 (Google Search)
Common Vulnerability Exposure (CVE) ID: CVE-2016-4954
Common Vulnerability Exposure (CVE) ID: CVE-2016-4955
BugTraq ID: 91007
Common Vulnerability Exposure (CVE) ID: CVE-2016-4956
BugTraq ID: 91009
Common Vulnerability Exposure (CVE) ID: CVE-2016-4957
CopyrightCopyright (C) 2021 Greenbone Networks GmbH

This is only one of 97459 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.

© 1998-2021 E-Soft Inc. All rights reserved.