The read_network_packet function in ntp_io.c in ntpd in NTP 4.x before 4.2.8p1 on Linux and OS X does not properly determine whether a source IP address is an IPv6 loopback address, which makes it easier for remote attackers to spoof restricted packets, and read or write to the runtime state, by leveraging the ability to reach the ntpd machine's network interface with a packet from the ::1 address.
References
Link | Resource |
---|---|
http://bugs.ntp.org/show_bug.cgi?id=2672 | Issue Tracking Patch Vendor Advisory |
http://rhn.redhat.com/errata/RHSA-2015-1459.html | Third Party Advisory |
http://support.ntp.org/bin/view/Main/SecurityNotice#December_2014_NTP_Security_Vulne | Vendor Advisory |
http://www.debian.org/security/2015/dsa-3388 | Third Party Advisory |
http://www.kb.cert.org/vuls/id/852879 | Third Party Advisory US Government Resource |
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | Third Party Advisory |
http://www.securityfocus.com/bid/72584 | Third Party Advisory VDB Entry |
https://bugzilla.redhat.com/show_bug.cgi?id=1184572 | Issue Tracking Third Party Advisory |
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03886en_us | Third Party Advisory |
History
No history.
MITRE Information
Status: PUBLISHED
Assigner: mitre
Published: 2015-10-04T20:00:00
Updated: 2018-08-28T09:57:01
Reserved: 2015-10-04T00:00:00
Link: CVE-2014-9751
JSON object: View
NVD Information
Status : Analyzed
Published: 2015-10-06T01:59:02.610
Modified: 2021-09-08T17:19:31.060
Link: CVE-2014-9751
JSON object: View
Redhat Information
No data.
CWE