QwikSec

Security Database

CVE

CWE

Training

CVE-2014-9295

Published: Dec 20, 2014

Modified: Aug 6, 2024

PUBLISHED

Description

Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

20141222 Multiple Vulnerabilities in ntpd Affecting Cisco Products

vendor-advisory

x_refsource_CISCO

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_HP

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790232

x_refsource_CONFIRM

http://bugs.ntp.org/show_bug.cgi?id=2667

x_refsource_CONFIRM

https://kc.mcafee.com/corporate/index?page=content&id=SB10103

x_refsource_CONFIRM

http://advisories.mageia.org/MGASA-2014-0541.html

x_refsource_CONFIRM

third-party-advisory

x_refsource_CERT-VN

vendor-advisory

x_refsource_HP

vendor-advisory

x_refsource_REDHAT

https://bugzilla.redhat.com/show_bug.cgi?id=1176037

x_refsource_CONFIRM

third-party-advisory

x_refsource_SECUNIA

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

x_refsource_CONFIRM

vendor-advisory

x_refsource_REDHAT

vendor-advisory

x_refsource_HP

http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acc4dN1TbM1tRJrbPcA4yc1aTdA

x_refsource_CONFIRM

vendor-advisory

x_refsource_HP

https://help.ecostruxureit.com/display/public/UADCO8x/StruxureWare+Data+Center+Operation+Software+Vulnerability+Fixes

x_refsource_CONFIRM

http://bugs.ntp.org/show_bug.cgi?id=2668

x_refsource_CONFIRM

http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acdf3tUSFizXcv_X4b77Jt_Y-cg

x_refsource_CONFIRM

openSUSE-SU-2014:1670

vendor-advisory

x_refsource_SUSE

http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548acf55dxKfhb6MuYQwzu8eDlS97g

x_refsource_CONFIRM

http://support.ntp.org/bin/view/Main/SecurityNotice

x_refsource_CONFIRM

vendor-advisory

x_refsource_HP

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04916783

x_refsource_CONFIRM

http://www1.huawei.com/en/security/psirt/security-bulletins/security-advisories/hw-417665.htm

x_refsource_CONFIRM

vendor-advisory

x_refsource_MANDRIVA

http://bugs.ntp.org/show_bug.cgi?id=2669

x_refsource_CONFIRM

https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8

x_refsource_MISC

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.