Vulnerability & Exploit Database

Displaying entries 1 - 10 of 20 in total

Results for: CVE-2014-9296 Back to search

USN-2449-1: NTP vulnerabilities Vulnerability

  • Severity: 8
  • Published: December 19, 2014

Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.

SUSE: CVE-2014-9296: SUSE Linux Security Advisory Vulnerability

  • Severity: 5
  • Published: December 19, 2014

The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets.

Oracle Solaris 11: CVE-2014-9296: Vulnerability in NTP Vulnerability

  • Severity: 5
  • Published: December 19, 2014

The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets.

RHSA-2015:0104: ntp security update Vulnerability

  • Severity: 8
  • Published: December 19, 2014

The Network Time Protocol (NTP) is used to synchronize a computer's timewith a referenced time source.Multiple buffer overflow flaws were discovered in ntpd's crypto_recv(),ctl_putdata(), and configure() functions. A remote attacker could useeither of these flaws to send a specially crafted request packet that couldcrash ntpd or, potenti...

RHSA-2014:2024: ntp security update Vulnerability

  • Severity: 8
  • Published: December 19, 2014

The Network Time Protocol (NTP) is used to synchronize a computer's timewith a referenced time source.Multiple buffer overflow flaws were discovered in ntpd's crypto_recv(),ctl_putdata(), and configure() functions. A remote attacker could useeither of these flaws to send a specially crafted request packet that couldcrash ntpd or, potenti...

ELSA-2014-2024 Important: Oracle Linux ntp security update Vulnerability

  • Severity: 8
  • Published: December 19, 2014

Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.

HP-UX: CVE-2014-9296: Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to execute code, create a Denial of Service (DoS), or other vulnerabilities. Vulnerability

  • Severity: 5
  • Published: December 19, 2014

The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets.

Gentoo Linux: CVE-2014-9296: NTP: Multiple vulnerabilities Vulnerability

  • Severity: 5
  • Published: December 19, 2014

The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets.

FreeBSD: ntp -- multiple vulnerabilities (Multiple CVEs) Vulnerability

  • Severity: 8
  • Published: December 19, 2014

Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.