The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.
References
Configurations
History
17 Nov 2021, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Nov 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
05 Nov 2021, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2014-12-20 02:59
Updated : 2023-12-10 11:31
NVD link : CVE-2014-9293
Mitre link : CVE-2014-9293
CVE.ORG link : CVE-2014-9293
JSON object : View
Products Affected
ntp
- ntp
CWE