• Tenable
  • CVEs
  • Settings
    Links
    Tenable Cloud Tenable Community & Support Tenable University
    Severity
    Theme
  • Tenable
  • Plugins
  • Overview
  • Plugins Pipeline
  • Newest
  • Updated
  • Search
  • Nessus Families
  • WAS Families
  • NNM Families
  • LCE Families
  • Tenable OT Security Families
  • About Plugin Families
  • Release Notes
  • Audits
  • Overview
  • Newest
  • Updated
  • Search Audit Files
  • Search Items
  • References
  • Authorities
  • Documentation
  • Download All Audit Files
  • Policies
  • Overview
  • Search
  • AWS Resources
  • Azure Resources
  • GCP Resources
  • Kubernetes Resources
  • Indicators
  • Overview
  • Search
  • Indicators of Attack
  • Indicators of Exposure
  • CVEs
  • Overview
  • Newest
  • Search
  • Attack Path Techniques
  • Overview
  • Search
    • Links
    • Tenable Cloud
    • Tenable Community & Support
    • Tenable University
    • Settings
    • Severity
    • Theme
Detections
  • Plugins
  • Overview
  • Plugins Pipeline
  • Release Notes
  • Newest
  • Updated
  • Search
  • Nessus Families
  • WAS Families
  • NNM Families
  • LCE Families
  • Tenable OT Security Families
  • About Plugin Families
  • Audits
  • Overview
  • Newest
  • Updated
  • Search Audit Files
  • Search Items
  • References
  • Authorities
  • Documentation
  • Download All Audit Files
  • Policies
  • Overview
  • Search
  • AWS Resources
  • Azure Resources
  • GCP Resources
  • Kubernetes Resources
  • Indicators
  • Overview
  • Search
  • Indicators of Attack
  • Indicators of Exposure
Analytics
  • CVEs
  • Overview
  • Newest
  • Search
  • Attack Path Techniques
  • Overview
  • Search
  1. CVEs
  2. CVE-2014-9294
  1. CVEs

CVE-2014-9294

high
  • Information
  • CPEs
  • Plugins

Description

util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.

References

http://advisories.mageia.org/MGASA-2014-0541.html

http://marc.info/?l=bugtraq&m=142469153211996&w=2

http://marc.info/?l=bugtraq&m=142590659431171&w=2

http://marc.info/?l=bugtraq&m=142853370924302&w=2

http://marc.info/?l=bugtraq&m=144182594518755&w=2

http://rhn.redhat.com/errata/RHSA-2014-2025.html

http://rhn.redhat.com/errata/RHSA-2015-0104.html

https://bugzilla.redhat.com/show_bug.cgi?id=1176035

http://secunia.com/advisories/62209

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790232

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04916783

https://kc.mcafee.com/corporate/index?page=content&id=SB10103

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd

http://www.kb.cert.org/vuls/id/852879

http://www.mandriva.com/security/advisories?name=MDVSA-2015:003

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

Details

Published: 2014-12-20

Risk Information

CVSS v2

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

Severity: High

  • Tenable.com
  • Community & Support
  • Documentation
  • Education
  • © 2023 Tenable®, Inc. All Rights Reserved
  • Privacy Policy
  • Legal
  • 508 Compliance