CVE-2014-9296 (retired)

Priority
Description
The receive function in ntp_proto.c in ntpd in NTP before 4.2.8 continues
to execute after detecting a certain authentication error, which might
allow remote attackers to trigger an unintended association change via
crafted packets.
Assigned-to
mdeslaur
Package
Source: ntp (LP Ubuntu Debian)
Upstream:released (4.2.8)
Ubuntu 14.04 LTS (Trusty Tahr):released (1:4.2.6.p5+dfsg-3ubuntu2.14.04.1)
Patches:
Upstream:http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=548ad06feXHK1HlZoY-WZVyynwvwAg
More Information

Updated: 2019-03-26 12:13:50 UTC (commit ccdecfcf0fead22bd291e5f4ea745a46872dcb15)