ntp is vulnerable to denial of service (DoS) attacks. The vulnerability exists as a stack-based buffer overflow was found in the way the NTP autokey protocol was implemented. When an NTP client decrypted a secret received from an NTP server, it could cause that client to crash.
CPE | Name | Operator | Version |
---|---|---|---|
ntp | eq | 4.2.4p8__2.el6 | |
ntp | eq | 4.2.6p5__1.el6 | |
ntp | eq | 4.2.4p8__3.el6 | |
ntp | eq | 4.2.6p5__2.el6_5 | |
ntp | eq | 4.2.6p5__2.el6_6 | |
ntp | eq | 4.2.6p5__3.el6_6 |
access.redhat.com/security/cve/CVE-2014-9750
access.redhat.com/security/cve/CVE-2014-9751
access.redhat.com/security/updates/classification/#moderate
bugzilla.redhat.com/show_bug.cgi?id=1045376
bugzilla.redhat.com/show_bug.cgi?id=1117704
bugzilla.redhat.com/show_bug.cgi?id=1122015
bugzilla.redhat.com/show_bug.cgi?id=1165141
bugzilla.redhat.com/show_bug.cgi?id=1166596
bugzilla.redhat.com/show_bug.cgi?id=1171630
bugzilla.redhat.com/show_bug.cgi?id=1190619
bugzilla.redhat.com/show_bug.cgi?id=1193849
bugzilla.redhat.com/show_bug.cgi?id=1193850
bugzilla.redhat.com/show_bug.cgi?id=995134
rhn.redhat.com/errata/RHSA-2015-1459.html