- Home
- CVEs with nessus.description==ntp has been updated to fix four security issues :
- ntp-keygen used a weak RNG seed, which made it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack. (bsc#910764).
(CVE-2014-9294)
- The config_auth function, when an auth key is not configured, improperly generated a key, which made it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
(bsc#910764). (CVE-2014-9293)
- ::1 can be spoofed on some operating systems, so ACLs based on IPv6 ::1 addresses could be bypassed.
(bsc#910764). (CVE-2014-9298)
- vallen is not validated in several places in ntp_crypto.c, leading to potential information leak.
(bsc#910764). (CVE-2014-9297)
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top