{"id":"UBUNTU-CVE-2014-5209","details":"An Information Disclosure vulnerability exists in NTP 4.2.7p25 private (mode 6/7) messages via a GET_RESTRICT control message, which could let a malicious user obtain sensitive information.","modified":"2025-09-08T16:43:12Z","published":"2020-01-08T01:15:00Z","upstream":["CVE-2014-5209"],"references":[{"type":"REPORT","url":"https://ubuntu.com/security/CVE-2014-5209"},{"type":"REPORT","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/95841"},{"type":"REPORT","url":"https://support.f5.com/csp/article/K44942017"},{"type":"REPORT","url":"https://support.f5.com/csp/article/K44942017?utm_source=f5support&utm_medium=RSS"},{"type":"REPORT","url":"https://www.cve.org/CVERecord?id=CVE-2014-5209"}],"affected":[{"package":{"name":"ntp","ecosystem":"Ubuntu:Pro:14.04:LTS","purl":"pkg:deb/ubuntu/ntp@1:4.2.6.p5+dfsg-3ubuntu2.14.04.13+esm1?arch=source&distro=esm-infra-legacy/trusty"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"}]}],"versions":["1:4.2.6.p5+dfsg-3ubuntu2","1:4.2.6.p5+dfsg-3ubuntu2.14.04.1","1:4.2.6.p5+dfsg-3ubuntu2.14.04.2","1:4.2.6.p5+dfsg-3ubuntu2.14.04.3","1:4.2.6.p5+dfsg-3ubuntu2.14.04.5","1:4.2.6.p5+dfsg-3ubuntu2.14.04.6","1:4.2.6.p5+dfsg-3ubuntu2.14.04.7","1:4.2.6.p5+dfsg-3ubuntu2.14.04.8","1:4.2.6.p5+dfsg-3ubuntu2.14.04.10","1:4.2.6.p5+dfsg-3ubuntu2.14.04.11","1:4.2.6.p5+dfsg-3ubuntu2.14.04.12","1:4.2.6.p5+dfsg-3ubuntu2.14.04.13","1:4.2.6.p5+dfsg-3ubuntu2.14.04.13+esm1"],"ecosystem_specific":{"binaries":[{"binary_version":"1:4.2.6.p5+dfsg-3ubuntu2.14.04.13+esm1","binary_name":"ntp"},{"binary_version":"1:4.2.6.p5+dfsg-3ubuntu2.14.04.13+esm1","binary_name":"ntpdate"}]},"database_specific":{"source":"https://github.com/canonical/ubuntu-security-notices/blob/main/osv/cve/2014/UBUNTU-CVE-2014-5209.json"}}],"schema_version":"1.7.3","severity":[{"type":"CVSS_V3","score":"CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N"},{"type":"Ubuntu","score":"low"}]}