RETIRED: Network Time Protocol CVE-2014-9298 Authentication Bypass Vulnerability

Network Time Protocol is prone to an authentication-bypass vulnerability.

An attacker can exploit this issue to bypass the authentication mechanism and perform unauthorized actions. This may lead to further attacks.

Versions prior to NTP 4.2.8p1 are vulnerable.

Note: This BID is being retired as CVE-2014-9298 (Network Time Protocol CVE-2014-9298 Authentication Bypass Vulnerability) is rejected. The following individual record exists to better document the issue:

72583 NTP 'ntp_crypto.c' Information Disclosure Vulnerability
72584 NTP 'ntp_io.c' Authentication Security Bypass Vulnerability


Privacy Statement
Copyright 2010, SecurityFocus