SUSE CVE-2014-9296

🗓️ 15 Feb 2023 05:25:07Reported by Suse CVEType

susecve

susecve🔗 www.suse.com👁 2 Views

NTP daemon may trigger unauthorized association changes after an auth error in ntpd before 4.2.8.

Reporter	Title	Published	Views	Family All 137
IBM Security Bulletins	Security Bulletin: IBM Netezza Host Management NTP vulnerabilities (CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296)	18 Oct 201903:10	–	ibm
IBM Security Bulletins	Security Bulletin: Multiple Vulnerabilities in Network Time Protocol (NTP) Affect Power Hardware Management Console (CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296)	23 Sep 202101:31	–	ibm
IBM Security Bulletins	Security Bulletin: IBM Smart Analytics System 7600, 7700, 7710 and IBM PureData System for Operational Analytics is affected by multiple vulnerabilities in Network Time Protocol	18 Oct 201903:50	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Network Time Protocol (NTP) affect IBM SONAS (CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, and CVE-2014-9296)	18 Jun 201800:09	–	ibm
IBM Security Bulletins	Security Bulletin: Vulnerabilities in Network Time Protocol (NTP) affect IBM Storwize V7000 Unified (CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, and CVE-2014-9296)	18 Jun 201800:09	–	ibm
IBM Security Bulletins	Security Bulletin: Security Vulnerabilities in Network Time Protocol Daemon affect Intel Manycore Platform Software Stack for use on Intel Xeon Phi 3120A, Intel Xeon Phi 5110P, Intel Xeon Phi 7120A, and Intel Xeon Phi 7120P PCI-Express add-in cards	31 Jan 201901:45	–	ibm
FreeBSD	ntp -- multiple vulnerabilities	19 Dec 201400:00	–	freebsd
Amazon	Important: ntp	19 Dec 201400:00	–	amazon
Tenable Nessus	Amazon Linux AMI : ntp (ALAS-2014-462)	22 Dec 201400:00	–	nessus
Tenable Nessus	CentOS 6 / 7 : ntp (CESA-2014:2024)	22 Dec 201400:00	–	nessus

OS	OS Version	Architecture	Package	Package Version	Filename
SUSE Linux Enterprise Desktop	12	any	ntp	4.2.6p5-31.1	ntp-4.2.6p5-31.1.noarch.rpm
SUSE Linux Enterprise Server	12	any	ntp	4.2.6p5-31.1	ntp-4.2.6p5-31.1.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	12	any	ntp	4.2.6p5-31.1	ntp-4.2.6p5-31.1.noarch.rpm
SUSE Linux Enterprise Desktop	12.3	any	ntp	4.2.8p10-63.3	ntp-4.2.8p10-63.3.noarch.rpm
SUSE Linux Enterprise Server	12.3	any	ntp	4.2.8p10-63.3	ntp-4.2.8p10-63.3.noarch.rpm
SUSE Linux Enterprise Server	15	any	ntp	4.2.8p11-2.12	ntp-4.2.8p11-2.12.noarch.rpm
SUSE Linux Enterprise Server for SAP applications	15	any	ntp	4.2.8p11-2.12	ntp-4.2.8p11-2.12.noarch.rpm
SUSE Linux Enterprise Desktop	12.4	any	ntp	4.2.8p12-64.8.2	ntp-4.2.8p12-64.8.2.noarch.rpm
SUSE Linux Enterprise Server	12.4	any	ntp	4.2.8p12-64.8.2	ntp-4.2.8p12-64.8.2.noarch.rpm
SUSE Linux Enterprise Server	15.1	any	ntp	4.2.8p13-4.6.1	ntp-4.2.8p13-4.6.1.noarch.rpm

Source	Link
suse	www.suse.com/security/cve/CVE-2014-9296
suse	www.suse.com/support/security/rating/
bugzilla	www.bugzilla.suse.com/910764
bugzilla	www.bugzilla.suse.com/911053
bugzilla	www.bugzilla.suse.com/911792
bugzilla	www.bugzilla.suse.com/959243
bugzilla	www.bugzilla.suse.com/992991
lists	www.lists.suse.com/pipermail/sle-security-updates/2014-December/001121.html
lists	www.lists.opensuse.org/archives/list/[email protected]/thread/Z3CJ74QOTG6ZYFZGEQJ3URMLZV2MGDIB/
lists	www.lists.opensuse.org/archives/list/[email protected]/thread/XSEFAFOY6EQWWDGJFALQRZFKCS25V7RT/

17 Jul 2025 01:04Current

9.5High risk

Vulners AI Score9.5

CVSS 25

EPSS0.24613

network time protocol authentication error remote association change crafted packets suse