Exploit the possiblities
Showing 1 - 18 of 18 RSS Feed

CVE-2014-9293

Status Candidate

Overview

The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.

Related Files

HP Security Bulletin HPSBHF03432 1
Posted Dec 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03432 1 - Potential security vulnerabilities have been identified with HPE Networking Comware 5, Comware 5, Low Encryption SW, Comware 7, and VCX, Using NTP. The vulnerabilities could be remotely exploited resulting in resulting in remote access restriction bypass and code execution. Revision 1 of this advisory.

tags | advisory, remote, vulnerability, code execution
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295
MD5 | 3125d9de58219658ab5a98f8b984b7e0
HP Security Bulletin HPSBOV03505 1
Posted Sep 10, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBOV03505 1 - Potential security vulnerabilities have been identified with the TCP/IP Services for OpenVMS running NTP. These vulnerabilities could be exploited remotely to allow unauthenticated attackers to execute code with the privileges of ntpd or cause a Denial of Service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, tcp, vulnerability
advisories | CVE-2013-5211, CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296
MD5 | 509857457f500e317efd338ea6b2b9b2
HP Security Bulletin HPSBUX03240 SSRT101872 2
Posted Apr 9, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03240 SSRT101872 2 - Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to execute code, create a Denial of Service (DoS), or other vulnerabilities. Revision 2 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296, CVE-2014-9297
MD5 | 4385bb919e195fce9e150eebdf165315
Mandriva Linux Security Advisory 2015-140
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-140 - If no authentication key is defined in the ntp.conf file, a cryptographically-weak default key is generated. ntp-keygen before 4.2.7p230 uses a non-cryptographic random number generator with a weak seed to generate symmetric keys. A remote unauthenticated attacker may craft special packets that trigger buffer overflows in the ntpd functions crypto_recv() (when using autokey authentication), ctl_putdata(), and configure(). The resulting buffer overflows may be exploited to allow arbitrary malicious code to be executed with the privilege of the ntpd process. A section of code in ntpd handling a rare error is missing a return statement, therefore processing did not stop when the error was encountered. This situation may be exploitable by an attacker. Stephen Roettger of the Google Security Team, Sebastian Krahmer of the SUSE Security Team and Harlan Stenn of Network Time Foundation discovered that the length value in extension fields is not properly validated in several code paths in ntp_crypto.c, which could lead to information leakage or denial of service. Stephen Roettger of the Google Security Team reported that ACLs based on IPv6 ::1 addresses can be bypassed. The ntp package has been patched to fix these issues.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, suse, mandriva
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296, CVE-2014-9297, CVE-2014-9298
MD5 | 63eace47c4bb590165b141e4cf13cf56
HP Security Bulletin HPSBGN03277 1
Posted Mar 9, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBGN03277 1 - Potential security vulnerabilities have been identified with the NTP service that is present on HP Virtualization Performance Viewer (vPV). These could be exploited remotely to execute code, create a Denial of Service (DoS), and other vulnerabilities. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296
MD5 | 7bfec74b7eb740ce72064a922627025b
HP Security Bulletin HPSBPV03266
Posted Feb 20, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBPV03266 - Potential security vulnerabilities have been identified with certain HP Networking and H3C switches and routers running NTP. The vulnerabilities could be exploited remotely to allow execution of code, disclosure of information and denial of service (DoS). Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295
MD5 | 1dda2868cc061abdaf06b8ea3b182502
HP Security Bulletin HPSBUX03240 SSRT101872
Posted Feb 19, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03240 SSRT101872 - Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to execute code, create a Denial of Service (DoS), or other vulnerabilities. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296, CVE-2014-9297
MD5 | 5c4a66b3cb7e2dd8edd7d99f81147e16
Red Hat Security Advisory 2015-0104-01
Posted Jan 29, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-0104-01 - The Network Time Protocol is used to synchronize a computer's time with a referenced time source. Multiple buffer overflow flaws were discovered in ntpd's crypto_recv(), ctl_putdata(), and configure() functions. A remote attacker could use either of these flaws to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the ntp user. Note: the crypto_recv() flaw requires non-default configurations to be active, while the ctl_putdata() flaw, by default, can only be exploited via local attackers, and the configure() flaw requires additional authentication to exploit.

tags | advisory, remote, overflow, arbitrary, local, protocol
systems | linux, redhat
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296
MD5 | e7470191a6430289d2a3fe335f29b10a
EMC M&R (Watch4Net) XSS / Upload / Java / Traversal / Overflow
Posted Jan 20, 2015
Site emc.com

EMC M&R (Watch4Net) suffers from heap overflow, remote file upload, insecure cryptographic storage, cross site scripting, ntp-related, java-related, and path traversal vulnerabilities.

tags | advisory, java, remote, overflow, vulnerability, xss, file upload
advisories | CVE-2014-3618, CVE-2014-4288, CVE-2014-6456, CVE-2014-6457, CVE-2014-6458, CVE-2014-6466, CVE-2014-6468, CVE-2014-6476, CVE-2014-6485, CVE-2014-6492, CVE-2014-6493, CVE-2014-6502, CVE-2014-6503, CVE-2014-6504, CVE-2014-6506, CVE-2014-6511, CVE-2014-6512, CVE-2014-6513, CVE-2014-6515, CVE-2014-6517, CVE-2014-6519, CVE-2014-6527, CVE-2014-6531, CVE-2014-6532, CVE-2014-6558, CVE-2014-6562, CVE-2014-9293, CVE-2014-9294
MD5 | 1bb4795beb321e519020ba164d8124db
Mandriva Linux Security Advisory 2015-003
Posted Jan 5, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-003 - If no authentication key is defined in the ntp.conf file, a cryptographically-weak default key is generated. ntp-keygen before 4.2.7p230 uses a non-cryptographic random number generator with a weak seed to generate symmetric keys. A remote unauthenticated attacker may craft special packets that trigger buffer overflows in the ntpd functions crypto_recv() (when using autokey authentication), ctl_putdata(), and configure(). The resulting buffer overflows may be exploited to allow arbitrary malicious code to be executed with the privilege of the ntpd process. A section of code in ntpd handling a rare error is missing a return statement, therefore processing did not stop when the error was encountered. This situation may be exploitable by an attacker. The ntp package has been patched to fix these issues.

tags | advisory, remote, overflow, arbitrary
systems | linux, mandriva
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296
MD5 | f616ead0b5ef994d0519beeb7a84a09a
Gentoo Linux Security Advisory 201412-34
Posted Dec 26, 2014
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201412-34 - Multiple vulnerabilities have been found in NTP, the worst of which could result in remote execution of arbitrary code. Versions less than 4.2.8 are affected.

tags | advisory, remote, arbitrary, vulnerability
systems | linux, gentoo
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296
MD5 | 3fa90939625997dbafb2564f0dd3b508
FreeBSD Security Advisory - NTP Weak Seeding / Buffer Overflow
Posted Dec 24, 2014
Site security.freebsd.org

FreeBSD Security Advisory - The ntpd(8) daemon is an implementation of the Network Time Protocol (NTP) used to synchronize the time of a computer system to a reference time source. When no authentication key is set in the configuration file, ntpd(8) would generate a random key that uses a non-linear additive feedback random number generator seeded with very few bits of entropy. The ntp-keygen(8) utility is also affected by a similar issue. When Autokey Authentication is enabled, for example if ntp.conf(5) contains a 'crypto pw' directive, a remote attacker can send a carefully crafted packet that can overflow a stack buffer. In ntp_proto.c, the receive() function is missing a return statement in the case when an error is detected.

tags | advisory, remote, overflow, crypto, protocol
systems | freebsd
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296
MD5 | c0686516e1cd6bb7454b00db8848f13f
Cisco Security Advisory 20141222-ntpd
Posted Dec 24, 2014
Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to execute arbitrary code or create a denial of service (DoS) condition. On December 19, 2014, NTP.org and US-CERT released security advisories detailing two issues regarding weak cryptographic pseudorandom number generation (PRNG), three buffer overflow vulnerabilities, and an unhandled error condition with an unknown impact. Cisco will release free software updates that address these vulnerabilities. Workarounds that mitigate these vulnerabilities are available.

tags | advisory, remote, denial of service, overflow, arbitrary, vulnerability
systems | cisco
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296
MD5 | a59f55aa9ca0db51b26a01267e615c81
Slackware Security Advisory - ntp Updates
Posted Dec 23, 2014
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296
MD5 | 2546e09e60219e1457c1e9ee519895af
Red Hat Security Advisory 2014-2024-01
Posted Dec 22, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-2024-01 - The Network Time Protocol is used to synchronize a computer's time with a referenced time source. Multiple buffer overflow flaws were discovered in ntpd's crypto_recv(), ctl_putdata(), and configure() functions. A remote attacker could use either of these flaws to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the ntp user. Note: the crypto_recv() flaw requires non-default configurations to be active, while the ctl_putdata() flaw, by default, can only be exploited via local attackers, and the configure() flaw requires additional authentication to exploit.

tags | advisory, remote, overflow, arbitrary, local, protocol
systems | linux, redhat
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296
MD5 | 60bd8aa5048ba79a8ddfcd64e716d0b2
Ubuntu Security Notice USN-2449-1
Posted Dec 22, 2014
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2449-1 - Neel Mehta discovered that NTP generated weak authentication keys. A remote attacker could possibly use this issue to brute force the authentication key and send requests if permitted by IP restrictions. Stephen Roettger discovered that NTP generated weak MD5 keys. A remote attacker could possibly use this issue to brute force the MD5 key and spoof a client or server. Stephen Roettger discovered that NTP contained buffer overflows in the crypto_recv(), ctl_putdata() and configure() functions. In non-default configurations, a remote attacker could use these issues to cause NTP to crash, resulting in a denial of service, or possibly execute arbitrary code. The default compiler options for affected releases should reduce the vulnerability to a denial of service. In addition, attackers would be isolated by the NTP AppArmor profile. Various other issues were also addressed.

tags | advisory, remote, denial of service, overflow, arbitrary, spoof
systems | linux, ubuntu
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296
MD5 | 711278445d5d3720a80ec9f652c7e8a2
Red Hat Security Advisory 2014-2025-01
Posted Dec 22, 2014
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2014-2025-01 - The Network Time Protocol is used to synchronize a computer's time with a referenced time source. Multiple buffer overflow flaws were discovered in ntpd's crypto_recv(), ctl_putdata(), and configure() functions. A remote attacker could use either of these flaws to send a specially crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the ntp user. Note: the crypto_recv() flaw requires non-default configurations to be active, while the ctl_putdata() flaw, by default, can only be exploited via local attackers, and the configure() flaw requires additional authentication to exploit.

tags | advisory, remote, overflow, arbitrary, local, protocol
systems | linux, redhat
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295
MD5 | c796fcdbd153b474b215cbc98cfb7eaf
Debian Security Advisory 3108-1
Posted Dec 22, 2014
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3108-1 - Several vulnerabilities were discovered in the ntp package, an implementation of the Network Time Protocol.

tags | advisory, vulnerability, protocol
systems | linux, debian
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296
MD5 | 83909c331fd652c887fb52d8126b5b13
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    14 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close