Rapid7 Vulnerability & Exploit Database

F5 Networks: K16393 (CVE-2014-9751): NTP vulnerability CVE-2014-9751

Back to Search

F5 Networks: K16393 (CVE-2014-9751): NTP vulnerability CVE-2014-9751

Severity

CVSS

(AV:N/AC:M/Au:N/C:P/I:P/A:P)

Published

04/09/2015

Created

07/25/2018

Added

02/16/2017

Modified

08/25/2020

Description

The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by leveraging the ability to reach the ntpd machine's network interface with a packet from the ::1 address.

Solution(s)

f5-big-ip-upgrade-latest

References

https://support.f5.com/csp/article/K16393
DLA-149-1
DSA-3154
DSA-3388
CVE-2014-9751

Advanced vulnerability management analytics and reporting.

Key Features

Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;

Rapid7 Vulnerability & Exploit Database

F5 Networks: K16393 (CVE-2014-9751): NTP vulnerability CVE-2014-9751