Exploit the possiblities
Showing 1 - 10 of 10 RSS Feed

CVE-2014-9297

Status Candidate

Overview

** REJECT ** DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2014-9750, CVE-2014-9751. Reason: this ID was intended for one issue, but was associated with two issues. Notes: All CVE users should consult CVE-2014-9750 and CVE-2014-9751 to identify the ID or IDs of interest. All references and descriptions in this candidate have been removed to prevent accidental usage.

Related Files

Red Hat Security Advisory 2015-2231-04
Posted Nov 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2231-04 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by spoofing ::1 addresses. A denial of service flaw was found in the way NTP hosts that were peering with each other authenticated themselves before updating their internal state variables. An attacker could send packets to one peer host, which could cascade to other peers, and stop the synchronization process among the reached peers.

tags | advisory, denial of service, spoof, protocol
systems | linux, redhat
advisories | CVE-2014-9297, CVE-2014-9298, CVE-2014-9750, CVE-2014-9751, CVE-2015-1798, CVE-2015-1799, CVE-2015-3405
MD5 | 738d8a326cd620fcecec2cb10f69355b
Red Hat Security Advisory 2015-1459-01
Posted Jul 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1459-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by spoofing ::1 addresses. A denial of service flaw was found in the way NTP hosts that were peering with each other authenticated themselves before updating their internal state variables. An attacker could send packets to one peer host, which could cascade to other peers, and stop the synchronization process among the reached peers.

tags | advisory, denial of service, spoof, protocol
systems | linux, redhat
advisories | CVE-2014-9297, CVE-2014-9298, CVE-2015-1798, CVE-2015-1799, CVE-2015-3405
MD5 | fae2ba19f95684d8408b3bc551cf47ea
HP Security Bulletin HPSBUX03240 SSRT101872 2
Posted Apr 9, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03240 SSRT101872 2 - Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to execute code, create a Denial of Service (DoS), or other vulnerabilities. Revision 2 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296, CVE-2014-9297
MD5 | 4385bb919e195fce9e150eebdf165315
FreeBSD Security Advisory - ntp Issues
Posted Apr 8, 2015
Site security.freebsd.org

FreeBSD Security Advisory - The ntpd(8) daemon is an implementation of the Network Time Protocol (NTP) used to synchronize the time of a computer system to a reference time source. The vallen packet value is not validated in several code paths in ntp_crypto.c. When ntpd(8) is configured to use a symmetric key to authenticate a remote NTP server/peer, it checks if the NTP message authentication code (MAC) in received packets is valid, but not that there actually is any MAC included, and packets without a MAC are accepted as if they had a valid MAC. NTP state variables are updated prior to validating the received packets.

tags | advisory, remote, protocol
systems | freebsd
advisories | CVE-2014-9297, CVE-2015-1798, CVE-2015-1799
MD5 | 6b5b2146b2f3da2a6ba4207a596fe02f
Mandriva Linux Security Advisory 2015-140
Posted Mar 30, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-140 - If no authentication key is defined in the ntp.conf file, a cryptographically-weak default key is generated. ntp-keygen before 4.2.7p230 uses a non-cryptographic random number generator with a weak seed to generate symmetric keys. A remote unauthenticated attacker may craft special packets that trigger buffer overflows in the ntpd functions crypto_recv() (when using autokey authentication), ctl_putdata(), and configure(). The resulting buffer overflows may be exploited to allow arbitrary malicious code to be executed with the privilege of the ntpd process. A section of code in ntpd handling a rare error is missing a return statement, therefore processing did not stop when the error was encountered. This situation may be exploitable by an attacker. Stephen Roettger of the Google Security Team, Sebastian Krahmer of the SUSE Security Team and Harlan Stenn of Network Time Foundation discovered that the length value in extension fields is not properly validated in several code paths in ntp_crypto.c, which could lead to information leakage or denial of service. Stephen Roettger of the Google Security Team reported that ACLs based on IPv6 ::1 addresses can be bypassed. The ntp package has been patched to fix these issues.

tags | advisory, remote, denial of service, overflow, arbitrary
systems | linux, suse, mandriva
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296, CVE-2014-9297, CVE-2014-9298
MD5 | 63eace47c4bb590165b141e4cf13cf56
HP Security Bulletin HPSBUX03240 SSRT101872
Posted Feb 19, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03240 SSRT101872 - Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to execute code, create a Denial of Service (DoS), or other vulnerabilities. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296, CVE-2014-9297
MD5 | 5c4a66b3cb7e2dd8edd7d99f81147e16
Mandriva Linux Security Advisory 2015-046
Posted Feb 12, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-046 - Stephen Roettger of the Google Security Team, Sebastian Krahmer of the SUSE Security Team and Harlan Stenn of Network Time Foundation discovered that the length value in extension fields is not properly validated in several code paths in ntp_crypto.c, which could lead to information leakage or denial of service. Stephen Roettger of the Google Security Team reported that ACLs based on IPv6 ::1 addresses can be bypassed.

tags | advisory, denial of service
systems | linux, suse, mandriva
advisories | CVE-2014-9297, CVE-2014-9298
MD5 | 96c786831d217fa6fc18b336957264a6
Ubuntu Security Notice USN-2497-1
Posted Feb 9, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2497-1 - Stephen Roettger, Sebastian Krahmer, and Harlan Stenn discovered that NTP incorrectly handled the length value in extension fields. A remote attacker could use this issue to possibly obtain leaked information, or cause the NTP daemon to crash, resulting in a denial of service. Stephen Roettger discovered that NTP incorrectly handled ACLs based on certain IPv6 addresses.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2014-9297, CVE-2014-9298
MD5 | 1c1066ed5e8e2f1c780fd8a97e9661fc
Debian Security Advisory 3154-2
Posted Feb 9, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3154-2 - Marc Deslauriers reported that the patch applied to ntp for CVE-2014-9297 in DSA 3154-1 was incomplete. This update corrects that problem.

tags | advisory
systems | linux, debian
advisories | CVE-2014-9297
MD5 | 16064b875ef57548fef793ffbc6fe7cf
Debian Security Advisory 3154-1
Posted Feb 9, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3154-1 - Several vulnerabilities were discovered in the ntp package, an implementation of the Network Time Protocol.

tags | advisory, vulnerability, protocol
systems | linux, debian
advisories | CVE-2014-9297, CVE-2014-9298
MD5 | f07a488f03e2076e30703631a2ce8016
Page 1 of 1
Back1Next

File Archive:

November 2017

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    22 Files
  • 2
    Nov 2nd
    28 Files
  • 3
    Nov 3rd
    10 Files
  • 4
    Nov 4th
    1 Files
  • 5
    Nov 5th
    5 Files
  • 6
    Nov 6th
    15 Files
  • 7
    Nov 7th
    15 Files
  • 8
    Nov 8th
    13 Files
  • 9
    Nov 9th
    9 Files
  • 10
    Nov 10th
    9 Files
  • 11
    Nov 11th
    3 Files
  • 12
    Nov 12th
    2 Files
  • 13
    Nov 13th
    15 Files
  • 14
    Nov 14th
    17 Files
  • 15
    Nov 15th
    19 Files
  • 16
    Nov 16th
    15 Files
  • 17
    Nov 17th
    19 Files
  • 18
    Nov 18th
    4 Files
  • 19
    Nov 19th
    2 Files
  • 20
    Nov 20th
    9 Files
  • 21
    Nov 21st
    15 Files
  • 22
    Nov 22nd
    23 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2016 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close