Oracle

Linux

225 Schwachstellen gefunden.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2015-7691

  • EPSS 6.22%
  • Veröffentlicht 07.08.2017 20:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to a...

7.5

CVE-2015-7692

  • EPSS 6.32%
  • Veröffentlicht 07.08.2017 20:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.

7.5

CVE-2015-7701

  • EPSS 7.8%
  • Veröffentlicht 07.08.2017 20:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).

6.5

CVE-2015-7702

  • EPSS 1.42%
  • Veröffentlicht 07.08.2017 20:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.

5.9

CVE-2015-7852

  • EPSS 3.54%
  • Veröffentlicht 07.08.2017 20:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.

7.5

CVE-2015-7703

  • EPSS 4.95%
  • Veröffentlicht 24.07.2017 14:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and w...

7.5

CVE-2015-5219

  • EPSS 4.21%
  • Veröffentlicht 21.07.2017 14:29:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

9.8

CVE-2016-1908

  • EPSS 2.54%
  • Veröffentlicht 11.04.2017 18:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The client in OpenSSH before 7.2 mishandles failed cookie generation for untrusted X11 forwarding and relies on the local X11 server for access-control decisions, which allows remote X11 clients to trigger a fallback and obtain trusted X11 forwarding...

6.5

CVE-2015-8896

  • EPSS 0.23%
  • Veröffentlicht 15.03.2017 19:59:00
  • Zuletzt bearbeitet 20.04.2025 01:37:25

Integer truncation issue in coders/pict.c in ImageMagick before 7.0.5-0 allows remote attackers to cause a denial of service (application crash) via a crafted .pict file.

5.3

CVE-2016-2518

  • EPSS 1.47%
  • Veröffentlicht 30.01.2017 21:59:01
  • Zuletzt bearbeitet 20.04.2025 01:37:25

The MATCH_ASSOC function in NTP before version 4.2.8p9 and 4.3.x before 4.3.92 allows remote attackers to cause an out-of-bounds reference via an addpeer request with a large hmode value.