CVE-2014-9751

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by leveraging the ability to reach the ntpd machine's network interface with a packet from the ::1 address.

References

http://bugs.ntp.org/show_bug.cgi?id=2672

http://www.kb.cert.org/vuls/id/852879

http://support.ntp.org/bin/view/Main/SecurityNotice#December_2014_NTP_Security_Vulne

https://bugzilla.redhat.com/show_bug.cgi?id=1184572

http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html

http://www.securityfocus.com/bid/72584

http://www.debian.org/security/2015/dsa-3388

http://rhn.redhat.com/errata/RHSA-2015-1459.html

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03886en_us

Details

Source: MITRE

Published: 2015-10-06

Updated: 2021-09-08

Type: CWE-20

Risk Information

CVSS v2

Base Score: 6.8

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 8.6

Severity: MEDIUM

Tenable Plugins

View all (11 total)

IDNameProductFamilySeverity
87564Scientific Linux Security Update : ntp on SL7.x x86_64 (20151119)NessusScientific Linux Local Security Checks
high
87143CentOS 7 : ntp (CESA-2015:2231)NessusCentOS Local Security Checks
high
87030Oracle Linux 7 : ntp (ELSA-2015-2231)NessusOracle Linux Local Security Checks
high
86975RHEL 7 : ntp (RHSA-2015:2231)NessusRed Hat Local Security Checks
high
86682Debian DSA-3388-1 : ntp - security updateNessusDebian Local Security Checks
critical
86257F5 Networks BIG-IP : NTP vulnerability (K16393)NessusF5 Networks Local Security Checks
medium
85111Oracle Linux 6 : ntp (ELSA-2015-1459)NessusOracle Linux Local Security Checks
high
85025CentOS 6 : ntp (CESA-2015:1459)NessusCentOS Local Security Checks
high
84951RHEL 6 : ntp (RHSA-2015:1459)NessusRed Hat Local Security Checks
high
81981Network Time Protocol Daemon (ntpd) 4.x < 4.2.8p1 Multiple VulnerabilitiesNessusMisc.
critical
81189Debian DSA-3154-1 : ntp - security updateNessusDebian Local Security Checks
medium