Unrated severityNVD Advisory· Published Oct 6, 2015· Updated May 6, 2026
CVE-2014-9750
CVE-2014-9750
Description
ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentication is enabled, allows remote attackers to obtain sensitive information from process memory or cause a denial of service (daemon crash) via a packet containing an extension field with an invalid value for the length of its value field.
Affected products
9cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*+ 2 more
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*
- cpe:2.3:o:oracle:linux:7:-:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
Patches
0No patches discovered yet.
Vulnerability mechanics
AI mechanics synthesis has not run for this CVE yet.
References
9- bugs.ntp.org/show_bug.cginvdIssue TrackingPatchVendor Advisory
- bugzilla.redhat.com/show_bug.cginvdIssue TrackingPatchThird Party Advisory
- rhn.redhat.com/errata/RHSA-2015-1459.htmlnvdThird Party Advisory
- support.ntp.org/bin/view/Main/SecurityNoticenvdRelease NotesVendor Advisory
- www.debian.org/security/2015/dsa-3388nvdThird Party Advisory
- www.kb.cert.org/vuls/id/852879nvdThird Party AdvisoryUS Government Resource
- www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlnvdThird Party Advisory
- www.securityfocus.com/bid/72583nvdThird Party AdvisoryVDB Entry
- support.hpe.com/hpsc/doc/public/displaynvdThird Party Advisory
News mentions
0No linked articles in our index yet.