Lucene search
RedHatRHSA-2017:3071HistoryOct 26, 2017 - 6:19 a.m.
(RHSA-2017:3071) Moderate: ntp security update
2017-10-2606:19:03
access.redhat.com
63
0.089 Low
EPSS
Percentile
94.6%
The Network Time Protocol (NTP) is used to synchronize a computerโs time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service.
Security Fix(es):
-
Two vulnerabilities were discovered in the NTP serverโs parsing of configuration directives. A remote, authenticated attacker could cause ntpd to crash by sending a crafted message. (CVE-2017-6463, CVE-2017-6464)
-
A vulnerability was found in NTP, in the parsing of packets from the /dev/datum device. A malicious device could send crafted messages, causing ntpd to crash. (CVE-2017-6462)
Red Hat would like to thank the NTP project for reporting these issues. Upstream acknowledges Cure53 as the original reporter of these issues.
| OS | Version | Architecture | Package | Version | Filename |
|---|---|---|---|---|---|
| RedHat | 6 | x86_64 | ntp-perl | <ย 4.2.6p5-12.el6_9.1 | ntp-perl-4.2.6p5-12.el6_9.1.x86_64.rpm |
| RedHat | 6 | x86_64 | ntpdate | <ย 4.2.6p5-12.el6_9.1 | ntpdate-4.2.6p5-12.el6_9.1.x86_64.rpm |
| RedHat | 6 | s390x | ntp | <ย 4.2.6p5-12.el6_9.1 | ntp-4.2.6p5-12.el6_9.1.s390x.rpm |
| RedHat | 6 | i686 | ntpdate | <ย 4.2.6p5-12.el6_9.1 | ntpdate-4.2.6p5-12.el6_9.1.i686.rpm |
| RedHat | 6 | ppc64 | ntp-perl | <ย 4.2.6p5-12.el6_9.1 | ntp-perl-4.2.6p5-12.el6_9.1.ppc64.rpm |
| RedHat | 6 | x86_64 | ntp | <ย 4.2.6p5-12.el6_9.1 | ntp-4.2.6p5-12.el6_9.1.x86_64.rpm |
| RedHat | 6 | ppc64 | ntp-debuginfo | <ย 4.2.6p5-12.el6_9.1 | ntp-debuginfo-4.2.6p5-12.el6_9.1.ppc64.rpm |
| RedHat | 6 | noarch | ntp-doc | <ย 4.2.6p5-12.el6_9.1 | ntp-doc-4.2.6p5-12.el6_9.1.noarch.rpm |
| RedHat | 6 | i686 | ntp | <ย 4.2.6p5-12.el6_9.1 | ntp-4.2.6p5-12.el6_9.1.i686.rpm |
| RedHat | 6 | ppc64 | ntpdate | <ย 4.2.6p5-12.el6_9.1 | ntpdate-4.2.6p5-12.el6_9.1.ppc64.rpm |
Related
openvas
openvas
CentOS Update for ntp CESA-2017:3071 centos6
2017-10-27 00:00:00
RedHat Update for ntp RHSA-2017:3071-01
2017-10-27 00:00:00
Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1938)
2020-01-23 00:00:00
nessus
nessus
RHEL 7 : ntp (RHSA-2018:0855)
2018-04-11 00:00:00
Oracle Linux 7 : ntp (ELSA-2018-0855)
2018-04-18 00:00:00
Virtuozzo 6 : ntp / ntp-doc / ntp-perl / ntpdate (VZLSA-2017-3071)
2018-11-27 00:00:00
centos
centos
ntp, ntpdate security update
2017-10-26 11:47:10
ntp, ntpdate, sntp security update
2018-04-26 17:47:34
ibm
ibm
Security Bulletin: Vulnerabilities in NTP affect PowerKVM
2018-07-06 23:57:31
redhat
redhat
(RHSA-2018:0855) Moderate: ntp security, bug fix, and enhancement update
2018-04-10 05:02:34
freebsd
freebsd
FreeBSD -- Multiple vulnerabilities of ntp
2017-04-12 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-17:03.ntp
2017-04-12 00:00:00
amazon
amazon
Medium: ntp
2017-04-20 05:54:00
Medium: ntp
2018-05-10 17:11:00
fedora
fedora
[SECURITY] Fedora 25 Update: ntp-4.2.6p5-44.fc25
2017-03-29 01:35:03
[SECURITY] Fedora 24 Update: ntp-4.2.6p5-44.fc24
2017-04-18 16:49:59
[SECURITY] Fedora 26 Update: ntp-4.2.8p10-1.fc26
2017-04-01 18:10:49
mageia
mageia
Updated ntp packages fix security vulnerability
2017-05-09 09:35:29
oraclelinux
oraclelinux
ntp security update
2018-12-19 00:00:00
ntp security, bug fix, and enhancement update
2018-04-16 00:00:00
ntp security update
2017-10-26 00:00:00
aix
aix
checkpoint_advisories
checkpoint_advisories
veracode
veracode
Denial Of Service (DoS)
2019-05-02 06:37:19
Denial Of Service (DoS)
2019-01-15 09:19:43
Denial Of Service (DoS)
2019-05-02 06:37:19
debiancve
debiancve
ubuntucve
ubuntucve
prion
prion
Buffer overflow
2017-03-27 17:59:00
Design/Logic Flaw
2017-03-27 17:59:00
Design/Logic Flaw
2017-03-27 17:59:00
cvelist
cvelist
redhatcve
redhatcve
f5
f5
K96670746 : NTP vulnerability CVE-2017-6464
2017-05-09 00:00:00
K07082049 : NTP vulnerability CVE-2017-6462
2017-05-08 00:00:00
K02951273 : NTP vulnerability CVE-2017-6463
2017-05-16 00:00:00
nvd
nvd
cve
cve
slackware
slackware
[slackware-security] ntp
2017-04-22 16:42:41
symantec
symantec
SA147 : March 2017 NTP Security Vulnerabilities
2017-04-13 08:00:00
ubuntu
ubuntu
NTP vulnerabilities
2019-01-23 00:00:00
NTP vulnerabilities
2017-07-05 00:00:00
cloudfoundry
cloudfoundry
USN-3349-1: NTP vulnerabilities | Cloud Foundry
2017-08-04 00:00:00
apple
apple
About the security content of macOS High Sierra 10.13
2017-09-25 00:00:00
About the security content of macOS High Sierra 10.13 - Apple Support
2020-02-06 07:51:09