Vulnerability Note VU#852879
NTP Project Network Time Protocol daemon (ntpd) contains multiple vulnerabilities (Updated)
The NTP Project ntpd version 4.2.7 and previous versions contain several vulnerabilities. ntp-keygen prior to version 4.2.7p230 also uses a non-cryptographic random number generator when generating symmetric keys. These vulnerabilities may affect ntpd acting as a server or client.
The Network Time Protocol (NTP) provides networked systems and devices with a way to synchronize time for various services and applications. The reference implementation produced by the NTP Project (ntp.org) contains several vulnerabilities.
CWE-290: Authentication Bypass by Spoofing - CVE-2014-9298
The buffer overflow vulnerabilities in ntpd may allow a remote unauthenticated attacker to execute arbitrary malicious code with the privilege level of the ntpd process. The weak default key and non-cryptographic random number generator in ntp-keygen may allow an attacker to gain information regarding the integrity checking and authentication encryption schemes. More specifically, the weak default key allows access to private mode and control mode queries that require authentication, if not restricted by the configuration.
Apply an update
Restrict status queries
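As an added illustration of the restriction this heading refers to (example code, not from the CERT note or the NTP Project), the following Python audit parses ntp.conf `restrict` directives and reports whether remote control-mode and private-mode queries are still answered for arbitrary hosts; the sample configurations and function names are constructed.

```python
# Added example (not from the CERT note): audit ntp.conf 'restrict' lines to see
# whether remote control (mode 6) and private (mode 7) queries are blocked.
# Assumed syntax: restrict [-4|-6] <address|default> [mask M] [flag ...]

def parse_restrict_lines(conf_text):
    """Return (scope, flags) for each restrict directive, comments stripped."""
    entries = []
    for raw in conf_text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if not line.startswith("restrict"):
            continue
        tokens = line.split()[1:]
        if tokens and tokens[0] in ("-4", "-6"):   # optional address family
            tokens.pop(0)
        if not tokens:
            continue
        scope = tokens.pop(0)
        if len(tokens) >= 2 and tokens[0] == "mask":
            scope = f"{scope}/{tokens[1]}"
            tokens = tokens[2:]
        entries.append((scope, set(tokens)))
    return entries

def queries_open_to_anyone(conf_text):
    """True if the catch-all policy lets arbitrary hosts query the daemon:
    no 'restrict default' at all, or one without 'noquery' (or 'ignore')."""
    defaults = [f for scope, f in parse_restrict_lines(conf_text) if scope == "default"]
    if not defaults:
        return True
    return any(not (flags & {"noquery", "ignore"}) for flags in defaults)

# Constructed sample configurations (not taken from the note).
PERMISSIVE_CONF = """
server 0.pool.ntp.org
restrict 127.0.0.1                  # no default line: everyone may query
"""
PARTIAL_CONF = """
restrict default nomodify notrap    # tamper-proof, but still answers queries
"""
HARDENED_CONF = """
restrict default kod nomodify notrap nopeer noquery   # no remote queries
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1                  # local ntpq/ntpdc still permitted
restrict ::1
"""
```

Applying an update remains the primary fix; the `noquery` default only closes the query exposure while unpatched systems wait for one.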
Vendor Information
| Vendor | Status | Date Notified | Date Updated |
|---|---|---|---|
| Apple | Affected | 18 Dec 2014 | 23 Dec 2014 |
| Cisco Systems, Inc. | Affected | 18 Dec 2014 | 13 Jan 2015 |
| EfficientIP | Affected | - | 24 Dec 2014 |
| F5 Networks, Inc. | Affected | 18 Dec 2014 | 13 Jan 2015 |
| FreeBSD Project | Affected | 18 Dec 2014 | 10 Apr 2015 |
| Huawei Technologies | Affected | - | 23 Dec 2014 |
| NEC Corporation | Affected | - | 26 Oct 2015 |
| NTP Project | Affected | 03 Dec 2014 | 22 Dec 2014 |
| OmniTI | Affected | 19 Dec 2014 | 22 Dec 2014 |
| Red Hat, Inc. | Affected | 18 Dec 2014 | 30 Dec 2014 |
| Watchguard Technologies, Inc. | Affected | 18 Dec 2014 | 19 Dec 2014 |
| Belkin, Inc. | Not Affected | 18 Dec 2014 | 05 Mar 2015 |
| Fortinet, Inc. | Not Affected | 18 Dec 2014 | 24 Dec 2014 |
| m0n0wall | Not Affected | 18 Dec 2014 | 19 Dec 2014 |
| OpenBSD | Not Affected | 18 Dec 2014 | 19 Dec 2014 |
CVSS Metrics
The NTP Project credits Stephen Roettger and Neel Mehta of the Google Security Team for discovering these vulnerabilities.
This document was written by Garret Wassermann.
- CVE IDs: CVE-2014-9293, CVE-2014-9294, CVE-2014-9295, CVE-2014-9296, CVE-2014-9297, CVE-2014-9298
- Date Public: 19 Dec 2014
- Date First Published: 19 Dec 2014
- Date Last Updated: 26 Oct 2015
- Document Revision: 123
If you have feedback, comments, or additional information about this vulnerability, please send us email.