CVE-2014-9751: Input Validation
First published: Tue Oct 06 2015(Updated: )
The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by leveraging the ability to reach the ntpd machine's network interface with a packet from the ::1 address.
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| NTP ntp | >=4.2.0<4.2.8 | |
| NTP ntp | =4.2.8 | |
| Apple macOS | ||
| Linux Linux kernel | ||
| Redhat Enterprise Linux Desktop | =6.0 | |
| Redhat Enterprise Linux Server | =6.0 | |
| Redhat Enterprise Linux Workstation | =6.0 | |
| Debian Debian Linux | =7.0 | |
| Debian Debian Linux | =8.0 | |
| Debian Debian Linux | =9.0 | |
| Oracle Linux | =7 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://bugs.ntp.org/show_bug.cgi?id=2672
- http://rhn.redhat.com/errata/RHSA-2015-1459.html
- http://support.ntp.org/bin/view/Main/SecurityNotice#December_2014_NTP_Security_Vulne
- http://www.debian.org/security/2015/dsa-3388
- http://www.kb.cert.org/vuls/id/852879
- http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
- http://www.securityfocus.com/bid/72584
- https://bugzilla.redhat.com/show_bug.cgi?id=1184572
- https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03886en_us
- collector/nvd-index
- agent/weakness
- agent/author
- agent/type
- agent/description
- agent/severity
- agent/references
- agent/tags
- agent/event
- agent/remedy
- agent/last-modified-date
- agent/softwarecombine
- agent/first-publish-date
- vendor/ntp
- canonical/ntp ntp
- version/ntp ntp/4.2.0
- version/ntp ntp/4.2.8
- vendor/apple
- canonical/apple macos
- vendor/linux
- canonical/linux linux kernel
- vendor/redhat
- canonical/redhat enterprise linux desktop
- version/redhat enterprise linux desktop/6.0
- canonical/redhat enterprise linux server
- version/redhat enterprise linux server/6.0
- canonical/redhat enterprise linux workstation
- version/redhat enterprise linux workstation/6.0
- vendor/debian
- canonical/debian debian linux
- version/debian debian linux/7.0
- version/debian debian linux/8.0
- version/debian debian linux/9.0
- vendor/oracle
- canonical/oracle linux
- version/oracle linux/7