Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-9751
HistoryOct 06, 2015 - 1:59 a.m.

CVE-2014-9751

2015-10-0601:59:00
CWE-20
[email protected]
web.nvd.nist.gov
166
ntp
ntp 4.x
cve-2014-9751
network packet
spoofing
remote attack
ipv6
loopback address
nvd

7.2 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.014 Low

EPSS

Percentile

86.3%

JSON

The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by leveraging the ability to reach the ntpd machine’s network interface with a packet from the ::1 address.

Related

prion 3
f5 2
debiancve 1
osv 2
nessus 11
openvas 7
ibm 4
ubuntucve 1
cve 2
veracode 1
redhat 2
centos 2
oraclelinux 1
debian 1
prion
prion
Authentication flaw
2015-10-06 01:59:00
Design/Logic Flaw
2015-10-06 01:59:00
Design/Logic Flaw
2015-10-06 01:59:00
f5
f5
SOL16393 - NTP vulnerability CVE-2014-9751
2015-04-09 00:00:00
K16393 : NTP vulnerability CVE-2014-9751
2015-11-07 00:00:00
debiancve
debiancve
CVE-2014-9751
2015-10-06 01:59:00
osv
osv
ntp - security update
2015-02-05 00:00:00
ntp - incomplete fix
2015-02-05 00:00:00
nessus
nessus
F5 Networks BIG-IP : NTP vulnerability (K16393)
2015-10-05 00:00:00
Debian DSA-3154-1 : ntp - security update
2015-02-06 00:00:00
Scientific Linux Security Update : ntp on SL7.x x86_64 (20151119)
2015-12-22 00:00:00
openvas
openvas
Debian: Security Advisory (DSA-3154-2)
2015-02-04 00:00:00
NTP.org 'ntpd' Multiple Vulnerabilities
2017-01-05 00:00:00
Debian: Security Advisory (DLA-149-1)
2023-03-08 00:00:00
ibm
ibm
Security Bulletin: IBM Pure Power Integrated Manager (PPIM) is affected by vulnerabilities in ntp (CVE-2014-9750, CVE-2014-9751)
2018-06-18 01:30:30
Security Bulletin: Multiple Security Vulnerabilities affecting IBM Netezza Host Management
2019-10-18 03:10:29
Security Bulletin: Vulnerabilities in NTP affect IBM Flex System FC3171 8Gb SAN Switch & SAN Pass-thru Firmware, QLogic 8Gb Intelligent Pass-thru Module & SAN Switch Module and QLogic Virtual Fabric Extension Module for IBM BladeCenter
2023-04-14 14:32:25
ubuntucve
ubuntucve
CVE-2014-9751
2015-10-06 00:00:00
cve
cve
CVE-2014-9298
2015-10-06 01:59:00
CVE-2014-9297
2015-10-06 01:59:00
veracode
veracode
Denial Of Service (DoS)
2019-05-02 05:41:07
redhat
redhat
(RHSA-2015:1459) Moderate: ntp security, bug fix, and enhancement update
2015-07-22 00:00:00
(RHSA-2015:2231) Moderate: ntp security, bug fix, and enhancement update
2015-11-19 14:42:12
centos
centos
ntp, ntpdate security update
2015-07-26 14:13:05
ntp, ntpdate, sntp security update
2015-11-30 19:45:44
oraclelinux
oraclelinux
ntp security, bug fix, and enhancement update
2015-11-23 00:00:00
debian
debian
[SECURITY] [DSA 3388-1] ntp security update
2015-11-01 22:20:55

7.2 High

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.014 Low

EPSS

Percentile

86.3%

JSON
Related for CVE-2014-9751
prion3f52debiancve1osv2nessus11openvas7ibm4ubuntucve1cve2veracode1redhat2centos2oraclelinux1debian1