Vulnerability Details : CVE-2014-9750
ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentication is enabled, allows remote attackers to obtain sensitive information from process memory or cause a denial of service (daemon crash) via a packet containing an extension field with an invalid value for the length of its value field.
Vulnerability category: Input validationDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2014-9750
Probability of exploitation activity in the next 30 days: 0.97%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 81 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2014-9750
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
5.8
|
MEDIUM | AV:N/AC:M/Au:N/C:P/I:N/A:P |
8.6
|
4.9
|
NIST |
CWE ids for CVE-2014-9750
-
The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.Assigned by: nvd@nist.gov (Primary)
References for CVE-2014-9750
-
http://rhn.redhat.com/errata/RHSA-2015-1459.html
RHSA-2015:1459 - Security Advisory - Red Hat Customer PortalThird Party Advisory
-
http://www.securityfocus.com/bid/72583
NTP 'ntp_crypto.c' Information Disclosure VulnerabilityThird Party Advisory;VDB Entry
-
http://www.debian.org/security/2015/dsa-3388
Debian -- Security Information -- DSA-3388-1 ntpThird Party Advisory
-
http://bugs.ntp.org/show_bug.cgi?id=2671
Bug 2671 – vallen is not validated, leading to potential info leakIssue Tracking;Patch;Vendor Advisory
-
http://support.ntp.org/bin/view/Main/SecurityNotice#December_2014_NTP_Security_Vulne
SecurityNotice < Main < NTPRelease Notes;Vendor Advisory
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Oracle Linux Bulletin - October 2015Third Party Advisory
-
http://www.kb.cert.org/vuls/id/852879
VU#852879 - NTP Project Network Time Protocol daemon (ntpd) contains multiple vulnerabilities (Updated)Third Party Advisory;US Government Resource
-
https://bugzilla.redhat.com/show_bug.cgi?id=1184573
1184573 – (CVE-2014-9297, CVE-2014-9750) CVE-2014-9297 CVE-2014-9750 ntp: vallen in extension fields are not validatedIssue Tracking;Patch;Third Party Advisory
-
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03886en_us
HPESBHF03886 rev.1 - HPE Comware 5 and Comware 7 Switches and Routers using NTP, Remote Denial of ServiceThird Party Advisory
Products affected by CVE-2014-9750
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:-:*:*:*:*:*:*