Wind River Support Network

HomeDefectsLIN6-9090

Fixed

LIN6-9090 : Security Advisory - ntp - CVE-2014-9295

Created: Dec 21, 2014 Updated: Dec 3, 2018

Resolved Date: Dec 22, 2014

Previous ID: LIN4-32116

Found In Version: 6.0.0.15

Fix Version: 6.0.0.16

Severity: Standard

Applicable for: Wind River Linux 6

Component/s: Userspace

Description

Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.


http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9295

Other Downloads

Wind River Linux 6.0.0.29
Wind River Linux 6.0.0.30
Wind River Linux 6.0.0.31
Wind River Linux 6.0.0.32
Wind River Linux 6.0.0.33
Wind River Linux 6.0.0.34
Wind River Linux 6.0.0.35
Wind River Linux 6.0.0.36
Wind River Linux 6.0.0.37
Wind River Linux 6.0.0.38