Description: This bulletin provides information regarding a vulnerability in the Network Time Protocol (NTP) Project NTP daemon (ntpd) documented by CVE-2014-9296. The ntpd version 4.2.7 and previous versions allow attackers to overflow several buffers in a way that may allow malicious code to be executed.
The NTP Project daemon implementation is widely used in operating system distributions and network products. This vulnerability affects ntpd acting as a server or client on a system in which not only is authentication configured, but an authentication error occurs.
Release Date:
January 29, 2015
Edit Date:
Applicable To The Following Products
Working...Please wait
This is here to prevent you from accidentally submitting twice.