ELSA-2016-0063

Опубликовано: 25 янв. 2016

Источник: oracle-oval

Платформа: Oracle Linux 7

Платформа: Oracle Linux 6

Описание

ELSA-2016-0063: ntp security update (IMPORTANT)

[4.2.6p5-5.el6_7.4]

don't accept server/peer packets with zero origin timestamp (CVE-2015-8138)

Обновленные пакеты

Oracle Linux 7

Oracle Linux x86_64

ntp

4.2.6p5-22.el7_2.1

ntp-doc

4.2.6p5-22.el7_2.1

ntp-perl

4.2.6p5-22.el7_2.1

ntpdate

4.2.6p5-22.el7_2.1

sntp

4.2.6p5-22.el7_2.1

Oracle Linux 6

Oracle Linux x86_64

ntp

4.2.6p5-5.el6_7.4

ntp-doc

4.2.6p5-5.el6_7.4

ntp-perl

4.2.6p5-5.el6_7.4

ntpdate

4.2.6p5-5.el6_7.4

Oracle Linux i686

ntp

4.2.6p5-5.el6_7.4

ntp-doc

4.2.6p5-5.el6_7.4

ntp-perl

4.2.6p5-5.el6_7.4

ntpdate

4.2.6p5-5.el6_7.4

Связанные CVE

CVE-2015-8138

Ссылки на источники

Связанные уязвимости

CVE-2015-8138

CVSS3: 5.3

ubuntu

больше 8 лет назад

NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.

CVE-2015-8138

redhat

больше 9 лет назад

NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.

CVE-2015-8138

CVSS3: 5.3

nvd

больше 8 лет назад

NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.

CVE-2015-8138

CVSS3: 5.3

debian

больше 8 лет назад

NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to ...

GHSA-5mf2-6mvq-v64v

CVSS3: 5.3

github

больше 3 лет назад

NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.