Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
cve[email protected]CVE-2014-9750
HistoryOct 06, 2015 - 1:59 a.m.

CVE-2014-9750

2015-10-0601:59:00
CWE-20
[email protected]
web.nvd.nist.gov
139
cve-2014-9750
ntp
4.x
4.2.8p1
autokey authentication
remote attackers
sensitive information
denial of service

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

6.8 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.4%

JSON

ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentication is enabled, allows remote attackers to obtain sensitive information from process memory or cause a denial of service (daemon crash) via a packet containing an extension field with an invalid value for the length of its value field.

Affected configurations

NVD
Node
ntpntpRange4.2.04.2.8
OR
ntpntpMatch4.2.8-
Node
redhatenterprise_linux_desktopMatch6.0
OR
redhatenterprise_linux_serverMatch6.0
OR
redhatenterprise_linux_workstationMatch6.0
Node
debiandebian_linuxMatch7.0
OR
debiandebian_linuxMatch8.0
OR
debiandebian_linuxMatch9.0
Node
oraclelinuxMatch7-
CPENameOperatorVersion
ntp:ntpntplt4.2.8

Related

prion 6
debiancve 4
nvd 6
cvelist 4
veracode 4
ibm 4
osv 4
f5 3
cve 5
openvas 16
nessus 26
ubuntucve 4
centos 4
redhat 4
oraclelinux 1
amazon 1
freebsd_advisory 1
slackware 1
debian 2
prion
prion
Authentication flaw
2015-10-06 01:59:00
Code injection
2017-08-07 20:29:00
Code injection
2017-08-07 20:29:00
debiancve
debiancve
CVE-2014-9750
2015-10-06 01:59:00
CVE-2015-7702
2017-08-07 20:29:00
CVE-2015-7691
2017-08-07 20:29:00
nvd
nvd
CVE-2014-9750
2015-10-06 01:59:00
CVE-2015-7691
2017-08-07 20:29:00
CVE-2015-7702
2017-08-07 20:29:00
cvelist
cvelist
CVE-2014-9750
2015-10-04 20:00:00
CVE-2015-7692
2017-08-07 20:00:00
CVE-2015-7691
2017-08-07 20:00:00
veracode
veracode
Sensitive Information Leak
2019-05-02 05:41:07
Denial Of Service (DoS)
2019-05-02 05:29:36
Denial Of Service (DoS)
2019-05-02 05:29:36
ibm
ibm
Security Bulletin: IBM Pure Power Integrated Manager (PPIM) is affected by vulnerabilities in ntp (CVE-2014-9750, CVE-2014-9751)
2018-06-18 01:30:30
Security Bulletin: Multiple Security Vulnerabilities affecting IBM Netezza Host Management
2019-10-18 03:10:29
Security Bulletin: Vulnerabilities in NTP affect IBM Flex System FC3171 8Gb SAN Switch & SAN Pass-thru Firmware, QLogic 8Gb Intelligent Pass-thru Module & SAN Switch Module and QLogic Virtual Fabric Extension Module for IBM BladeCenter
2023-04-14 14:32:25
osv
osv
ntp - security update
2015-02-05 00:00:00
ntp - incomplete fix
2015-02-05 00:00:00
ntp - security update
2015-11-01 00:00:00
f5
f5
SOL16392 - NTP vulnerability CVE-2014-9750
2015-04-09 00:00:00
K16392 : NTP vulnerability CVE-2014-9750
2015-11-07 00:00:00
K17530 : NTP vulnerabilities CVE-2015-7691, CVE-2015-7692, and CVE-2015-7702
2015-11-05 00:00:00
cve
cve
CVE-2015-7691
2017-08-07 20:29:00
CVE-2015-7692
2017-08-07 20:29:00
CVE-2015-7702
2017-08-07 20:29:00
openvas
openvas
NTP.org 'ntpd' Multiple Vulnerabilities
2017-01-05 00:00:00
Debian: Security Advisory (DSA-3154-2)
2015-02-04 00:00:00
Debian: Security Advisory (DLA-149-1)
2023-03-08 00:00:00
nessus
nessus
Debian DSA-3154-1 : ntp - security update
2015-02-06 00:00:00
F5 Networks BIG-IP : NTP vulnerability (SOL16392)
2015-09-16 00:00:00
F5 Networks BIG-IP : NTP vulnerabilities (K17530)
2015-11-06 00:00:00
ubuntucve
ubuntucve
CVE-2014-9750
2015-10-06 00:00:00
CVE-2015-7691
2015-10-22 00:00:00
CVE-2015-7702
2015-10-22 00:00:00
centos
centos
ntp, ntpdate security update
2015-07-26 14:13:05
ntp, ntpdate, sntp security update
2015-11-30 19:45:44
ntp, ntpdate security update
2016-05-16 10:19:19
redhat
redhat
(RHSA-2015:1459) Moderate: ntp security, bug fix, and enhancement update
2015-07-22 00:00:00
(RHSA-2015:2231) Moderate: ntp security, bug fix, and enhancement update
2015-11-19 14:42:12
(RHSA-2016:0780) Moderate: ntp security and bug fix update
2016-05-10 06:42:20
oraclelinux
oraclelinux
ntp security, bug fix, and enhancement update
2015-11-23 00:00:00
amazon
amazon
Important: ntp
2015-10-27 16:42:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-15:25.ntp
2015-10-26 00:00:00
slackware
slackware
[slackware-security] ntp
2015-10-29 22:49:05
debian
debian
[SECURITY] [DLA 335-1] ntp security update
2015-10-28 20:45:05
[SECURITY] [DSA 3388-1] ntp security update
2015-11-01 22:20:55

5.8 Medium

CVSS2

Attack Vector

NETWORK

Attack Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:N/A:P

6.8 Medium

AI Score

Confidence

High

0.01 Low

EPSS

Percentile

83.4%

JSON
Related for CVE-2014-9750
prion6debiancve4nvd6cvelist4veracode4ibm4osv4f53cve5openvas16nessus26ubuntucve4centos4redhat4oraclelinux1amazon1freebsd_advisory1slackware1debian2