Description: This bulletin provides information regarding a vulnerability in the Network Time Protocol (NTP) Project NTP daemon (ntpd) documented by CVE-2014-9296. The ntpd version 4.2.7 and previous versions allow attackers to overflow several buffers in a way that may allow malicious code to be executed.
The NTP Project daemon implementation is widely used in operating system distributions and network products. This vulnerability affects ntpd acting as a server or client.
January 16, 2015
Applicable To The Following Products
This is here to prevent you from accidentally submitting twice.