Back to search
CVE-2014-9296
Published: Dec 20, 2014
Modified: Aug 6, 2024
PUBLISHED
Description
The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets.
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
20141222 Multiple Vulnerabilities in ntpd Affecting Cisco Products
vendor-advisory
x_refsource_CISCO
HPSBGN03277
vendor-advisory
x_refsource_HP
https://kc.mcafee.com/corporate/index?page=content&id=SB10103
x_refsource_CONFIRM
71758
vdb-entry
x_refsource_BID
http://advisories.mageia.org/MGASA-2014-0541.html
x_refsource_CONFIRM
VU#852879
third-party-advisory
x_refsource_CERT-VN
HPSBUX03240
vendor-advisory
x_refsource_HP
62209
third-party-advisory
x_refsource_SECUNIA
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html
x_refsource_CONFIRM
RHSA-2015:0104
vendor-advisory
x_refsource_REDHAT
HPSBOV03505
vendor-advisory
x_refsource_HP
http://bugs.ntp.org/show_bug.cgi?id=2670
x_refsource_CONFIRM
SSRT101872
vendor-advisory
x_refsource_HP
openSUSE-SU-2014:1670
vendor-advisory
x_refsource_SUSE
https://bugzilla.redhat.com/show_bug.cgi?id=1176040
x_refsource_CONFIRM
http://support.ntp.org/bin/view/Main/SecurityNotice
x_refsource_CONFIRM
http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548ad06feXHK1HlZoY-WZVyynwvwAg
x_refsource_CONFIRM
MDVSA-2015:003
vendor-advisory
x_refsource_MANDRIVA
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now