Weak RNG Seed in NTP Key Generation Allows Brute-Force Attack

Weak RNG Seed in NTP Key Generation Allows Brute-Force Attack

CVE-2014-9294 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.

Learn more about our Web Application Penetration Testing UK.