QwikSec

Security Database

CVE

CWE

Training

CVE-2014-9751

Published: Oct 4, 2015

Modified: Aug 6, 2024

PUBLISHED

Description

The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by leveraging the ability to reach the ntpd machine's network interface with a packet from the ::1 address.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

third-party-advisory

x_refsource_CERT-VN

http://support.ntp.org/bin/view/Main/SecurityNotice#December_2014_NTP_Security_Vulne

x_refsource_CONFIRM

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

x_refsource_CONFIRM

http://bugs.ntp.org/show_bug.cgi?id=2672

x_refsource_CONFIRM

vendor-advisory

x_refsource_DEBIAN

vdb-entry

x_refsource_BID

vendor-advisory

x_refsource_REDHAT

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03886en_us

x_refsource_CONFIRM

https://bugzilla.redhat.com/show_bug.cgi?id=1184572

x_refsource_CONFIRM

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.