Packet Storm - Information Security News, Files, Tools, Exploits, Advisories and Whitepapers http://packetstormsecurity.org/ en-us Mon, 28 May 2012 05:46:37 GMT 144400 http://packetstormsecurity.org/ http://www.google-analytics.com/__utm.gif?utmwv=1.3&utmn=1889029759&utmcs=ISO-8859-1&utmsr=31337x31337&utmsc=32-bit&utmul=en-us&utmje=0&utmfl=-&utmcn=1&utmdt=Files%u2248%20Packet%20Storm&utmhn=packetstormsecurity.org&utmr=-&utmp=%2F0901-advisories%2Fdsa-1702-1.txt%2F&utmac=UA-18885198-1&utmcc=__utma%3D32867617.1889029759.1338183997.1338183997.1338183997.1%3B%2B__utmz%3D32867617.1338183997.1.1.utmccn%3D(direct)%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none) http://packetstormsecurity.org/files/73758/dsa-1702-1.txt http://packetstormsecurity.org/files/73758/dsa-1702-1.txt http://packetstormsecurity.org/files/73758/Debian-Linux-Security-Advisory-1702-1.html Mon, 12 Jan 2009 21:50:31 GMT Debian Security Advisory 1702-1 - It has been discovered that NTP, an implementation of the Network Time Protocol, does not properly check the result of an OpenSSL function for verifying cryptographic signatures, which may ultimately lead to the acceptance of unauthenticated time information. (Note that cryptographic authentication of time servers is often not enabled in the first place.)