The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues to execute after detecting a certain authentication error, which might allow remote attackers to trigger an unintended association change via crafted packets.
References
Configurations
History
17 Nov 2021, 22:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
10 Nov 2021, 01:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
05 Nov 2021, 17:15
Type | Values Removed | Values Added |
---|---|---|
References |
|
Information
Published : 2014-12-20 02:59
Updated : 2023-12-10 11:31
NVD link : CVE-2014-9296
Mitre link : CVE-2014-9296
CVE.ORG link : CVE-2014-9296
JSON object : View
Products Affected
ntp
- ntp
CWE
CWE-17
DEPRECATED: Code