Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 23, 2014
Affected
From the Apple support advisory: "OS X NTP Security Update - ntpd Available for: OS X Mountain Lion v10.8.5, OS X Mavericks v10.9.5, OS X Yosemite v10.10.1 Impact: A remote attacker may be able to execute arbitrary code Description: Several issues existed in ntpd that would have allowed an attacker to trigger buffer overflows. These issues were addressed through improved error checking. To verify the ntpd version, type the following command in Terminal: what /usr/sbin/ntpd. This update includes the following versions: Mountain Lion: ntp-77.1.1 Mavericks: ntp-88.1.1 Yosemite: ntp-92.5.1 CVE-ID CVE-2014-9295 : Stephen Roettger of the Google Security Team"
We are not aware of further vendor information regarding this vulnerability.
Notified: December 19, 2014 Updated: December 19, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: March 05, 2015
Statement Date: March 05, 2015
Not Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: January 13, 2015
Statement Date: January 13, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
Cisco Systems has released a Cisco Security Advisory on their products, available at the URL: http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Updated: December 24, 2014
Statement Date: December 24, 2014
Affected
"All versions are affected by CWE-389 (CVE-2014-9296). Upgrade to the latest patch of your release: 5.0.4.p1a, 5.0.3.p4a or 4.0.2p13d. Available releases can be downloaded at: http://www.efficientip.com/support-services/"
CVE-2014-9296 covers this vulnerability for ntpd.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: January 13, 2015
Statement Date: January 13, 2015
Affected
No statement is currently available from the vendor regarding this vulnerability.
F5 has released a security advisory for its products at the URL: https://support.f5.com/kb/en-us/solutions/public/15000/900/sol15936.html
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 24, 2014
Statement Date: December 24, 2014
Not Affected
"Fortigate products are not vulnerable."
We are not aware of further vendor information regarding this vulnerability.
Notified: December 19, 2014 Updated: December 19, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: April 10, 2015
Statement Date: December 19, 2014
Affected
"All currently supported FreeBSD releases (8.4, 9.1, 9.2, 9.3, 10.0 and 10.1) include vulnerable versions of ntpd."
FreeBSD has released advisories with patches; please see the Advisory URLs below.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Updated: December 23, 2014
Statement Date: December 23, 2014
Affected
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 19, 2014
Statement Date: December 19, 2014
Not Affected
"m0n0wall does not include ntpd and is therefore not affected.".
We are not aware of further vendor information regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 23, 2014 Updated: December 23, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
We are not aware of further vendor information regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 19, 2014 Updated: December 19, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Updated: October 26, 2015
Affected
We provide information on this issue at the following URL
We are not aware of further vendor information regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 03, 2014 Updated: December 22, 2014
Statement Date: December 19, 2014
Affected
No statement is currently available from the vendor regarding this vulnerability.
Please see the vendor Security Notice at the URL below.
Notified: December 20, 2014 Updated: December 22, 2014
Statement Date: December 20, 2014
Affected
"Affected, but Update now available"
We are not aware of further vendor information regarding this vulnerability.
Notified: December 18, 2014 Updated: December 19, 2014
Statement Date: December 19, 2014
Not Affected
"OpenBSD does not use ntp.org code."
We are not aware of further vendor information regarding this vulnerability.
Notified: December 18, 2014 Updated: December 21, 2014
Statement Date: December 20, 2014
Not Affected
"Openwall GNU/*/Linux is not affected. We use OpenNTPD."
We are not aware of further vendor information regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 19, 2014 Updated: December 19, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 30, 2014
Affected
No statement is currently available from the vendor regarding this vulnerability.
Red Hat has released updated packages for ntpd to address these vulnerabilities. You may find information about the vulnerabilities and the updated packages at the link below: https://rhn.redhat.com/errata/RHSA-2014-2024.html
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 19, 2014 Updated: December 19, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 19, 2014 Updated: December 19, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 19, 2014
Statement Date: December 19, 2014
Affected
"Our XTM and Firebox appliances (our main products) are not vulnerable to these flaws, since we use openntpd rather than ntpd. Our wireless access points are not vulnerable since they only use the basic ntpclient. However, our XCS appliances (mail security) are vulnerable to the ntpd flaws. We will be releasing a firmware update to fix these flaws as soon as practical. However, in the meantime, we are sharing simple steps to mitigate this issue (use out firewall to block NTP, and point to an internal, updated NTP server instead)."
We are not aware of further vendor information regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.
Notified: December 18, 2014 Updated: December 18, 2014
Unknown
No statement is currently available from the vendor regarding this vulnerability.