CVE-2014-9750 — Vulnetix

Try Vulnetix Request Demo

CVE-2014-9750 PUBLISHED

Reported by mitre · Published October 4, 2015

ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentication is enabled, allows remote attackers to obtain sensitive information from process memory or cause a denial of service (daemon crash) via a packet containing an extension field with an invalid value for the length of its value field.

Affected Products

Vendor	Product	Versions
n/a	n/a	n/a
n/a	n/a	n/a

Timeline

Oct 4, 2015 CVE Published
Feb 4, 2022 EPSS Score
Mar 28, 2022 EPSS Score
Jul 10, 2022 EPSS Score
Sep 1, 2022 EPSS Score
Oct 23, 2022 EPSS Score
Feb 4, 2023 EPSS Score
Mar 7, 2023 EPSS Score
Mar 28, 2023 EPSS Score
Jul 10, 2023 EPSS Score
Aug 31, 2023 EPSS Score
Oct 22, 2023 EPSS Score

References

VU#852879 third-party-advisoryx_refsource_CERT-VN
x_refsource_CONFIRM
72583 vdb-entryx_refsource_BID
x_refsource_CONFIRM
x_refsource_CONFIRM
DSA-3388 vendor-advisoryx_refsource_DEBIAN
RHSA-2015:1459 vendor-advisoryx_refsource_REDHAT
x_refsource_CONFIRM
x_refsource_CONFIRM

Open in Interactive Console →