Rapid7 Vulnerability & Exploit Database

F5 Networks: K16393 (CVE-2014-9751): NTP vulnerability CVE-2014-9751

Back to Search

F5 Networks: K16393 (CVE-2014-9751): NTP vulnerability CVE-2014-9751

Severity
7
CVSS
(AV:N/AC:M/Au:N/C:P/I:P/A:P)
Published
04/09/2015
Created
07/25/2018
Added
02/16/2017
Modified
08/25/2020

Description

The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by leveraging the ability to reach the ntpd machine's network interface with a packet from the ::1 address.

Solution(s)

  • f5-big-ip-upgrade-latest

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;