IBM Security Bulletin: Vulnerability in NTP affects Real-time Compression Appliance (CVE-2014-9295)
|
System information
|
|
|
Affected software |
IBM |
Description
|
This ntp update fixes the following critical security issue: * A potential remote code execution problem was found inside ntpd. The functions crypto_recv() (when using autokey authentication) and ctl_putdata() where updated to avoid buffer overflows that could have been exploited. CVE(s): CVE-2014-9295 Affected product(s) and affected version(s): Real-time Compression Appliance R3.8 Real-time Compression Appliance R3.9 Refer to the following reference URLs for remediation and
More info:
https://www-304.ibm.com/connections/blogs/PSIRT/entry/ibm_security_bulletin_vulnerability_in_ntp_affects_real_time_compression_appliance_cve_2014_9295?lang=en_us |
Standar resources
|
Property |
Value |
CVE |
CVE-2014-9295 ,CVE-2015-0286 ,CVE-2015-0287 ,CVE-2015-0289 ,CVE-2015-0292 ,CVE-2015-0293 ,CVE-2015-0209 ,CVE-2015-0288 and CVE-2015-0208. |