Technical Support Bulletins

Technical Support Bulletin TSB 2015-212-A [1]

Description: This bulletin provides information regarding a vulnerability in the Network Time Protocol (NTP) Project NTP daemon (ntpd) documented by CVE-2014-9296. The ntpd version 4.2.7 and previous versions allow attackers to overflow several buffers in a way that may allow malicious code to be executed. The NTP Project daemon implementation is widely used in operating system distributions and network products. This vulnerability affects ntpd acting as a server or client on a system in which not only is authentication configured, but an authentication error occurs.
Release Date:
January 29, 2015
Edit Date:

Applicable To The Following Products

Working...Please wait

This is here to prevent you from accidentally submitting twice.

The page will automatically refresh.

Alert!!

Close