VyOS Networks Blog

Building an open source network OS for the people, together.

CVE-2014-9295: arbitrary code execution in NTPd

Daniil Baturin
Posted 23 Dec, 2014

A recently discovered vulnerability in NTPd allows remote code execution.

VyOS currently uses 4.2.6 and therefore is vulnerable. We are working in updating the package. Until we resolve it, the best temporary solution is to block NTP traffic from untrusted hosts.

The post categories: