11 matches found
SUSE CVE-2014-9296
The receive function in ntpproto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets...
Oracle Solaris Third-Party Patch Update : ntp (multiple_vulnerabilities_in_ntp)
The remote Solaris system is missing necessary patches to address security updates : - Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to 1 the cryptorecv function when the Autokey Authentication...
ntp: multiple issues
Keys explicitly generated by "ntp-keygen -M" should be regenerated. - CVE-2014-9293 weak key generation ntpd generated a weak key for its internal use, with full administrative privileges. Attackers could use this key to reconfigure ntpd or to exploit other vulnerabilities. - CVE-2014-9294 weak k...
CVE-2014-9296
The receive function in ntpproto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets...
DEBIAN-CVE-2014-9296
The receive function in ntpproto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets...
CVE-2014-9296
The receive function in ntpproto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets...
Authentication flaw
The receive function in ntpproto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets...
CVE-2014-9296
The receive function in ntpproto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets...
CVE-2014-9296
The receive function in ntpproto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets...
CVE-2014-9296
CVE-2014-9296 affects ntpd in NTP up to version 4.2.8, arising from a missing return on error in receive() (ntp_proto.c). This could allow remote attackers to trigger an unintended association change by sending crafted packets. The connected advisories indicate affected deployments include multip...
CVE-2014-9296
The receive function in ntpproto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets...