Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
1.8
CVSSv2

CVE-2015-1798

Published: 08/04/2015 Updated: 12/02/2023
CVSS v2 Base Score: 1.8 | Impact Score: 2.9 | Exploitability Score: 3.2
VMScore: 160
Vector: AV:A/AC:H/Au:N/C:N/I:P/A:N
Subscribe to Ntp

Vulnerability Summary

The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x prior to 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle malicious users to spoof packets by omitting the MAC.

Vulnerable Product Search on Vulmon Subscribe to Product

ntp ntp

Vendor Advisories

Red Hat: Moderate: ntp security, bug fix, and enhancement update
Synopsis Moderate: ntp security, bug fix, and enhancement update Type/Severity Security Advisory: Moderate Topic Updated ntp packages that fix multiple security issues, several bugs, andadd various enhancements are now available for Red Hat Enterprise Linux 7Red Hat Product Security has rated this update a ...
Debian CVElist Bug Report Logs: ntp: CVE-2015-1798 CVE-2015-1799
Debian Bug report logs - #782095 ntp: CVE-2015-1798 CVE-2015-1799 Package: src:ntp; Maintainer for src:ntp is Debian NTP Team <ntp@packagesdebianorg>; Reported by: Salvatore Bonaccorso <carnil@debianorg> Date: Tue, 7 Apr 2015 20:12:02 UTC Severity: important Tags: fixed-upstream, security, upstream Found in vers ...
Ubuntu Security Notice: ntp vulnerabilities
Several security issues were fixed in NTP ...
Debian Security Advisories: DSA-3223-1 ntp -- security update
Multiple vulnerabilities were discovered in ntp, an implementation of the Network Time Protocol: CVE-2015-1798 When configured to use a symmetric key with an NTP peer, ntpd would accept packets without MAC as if they had a valid MAC This could allow a remote attacker to bypass the packet authentication and send malicious packets w ...
Amazon Linux AMI: ALAS-2015-520
The symmetric-key feature in the receive function in ntp_protoc in ntpd in NTP 4x before 428p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC (CVE-2015-1798) The symmetric-key feature in the receive function in ntp_protoc in ntpd in ...
Red Hat: CVE-2015-1798
It was found that ntpd did not check whether a Message Authentication Code (MAC) was present in a received packet when ntpd was configured to use symmetric cryptographic keys A man-in-the-middle attacker could use this flaw to send crafted packets that would be accepted by a client or a peer without the attacker knowing the symmetric key ...
Cisco: Multiple Vulnerabilities in ntpd (April 2015) Affecting Cisco Products
Multiple Cisco products incorporate a version of the ntpd package Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to bypass authentication controls or to create a denial of service (DoS) condition On April 7, 2015, NTPorg and US-CERT released a security advisory dealing w ...

Recent Articles

Denial of service attacks pour through rift in Network Time Protocol
The Register • Darren Pauli • 09 Apr 2015

Mismatched clocks allow poison packets to prevent synching, and sink you

Red Hat security chap Miroslav Lichvar has revealed two vulnerabilities in the widely used and open-source Network Time Protocol daemon (NTPd) that allow attackers to mess up people's clocks. Lichvar reported the two since-patched holes in which packets without proper message authentication codes are accepted regardless (CVE-2015-1798), and a denial of service condition is triggered when spoofed packets are sent between synchronized hosts (CVE-2015-1799). The latter flaw affects NTP installation...

Read more...
Cisco security software needs security patch
The Register • Richard Chirgwin • 09 Apr 2015

You will be assimilated if you don't apply the fix, say Borg

Cisco's ASA FirePOWER services and ASA CX Services are vulnerable to a denial of service (DoS) bug in the virtualisation layer. The just-updated ASA FirePOWER threat-detection platform and ASA CX (which adds application and user ID awareness to the system) could be forced to reload by an attacker hosing their management interfaces with a high rate of crafted packets. As well as a DoS condition, Cisco says user traffic sent from ASA to FirePOWER and CX could be dropped. If FirePOWER or CX are con...

Read more...

References

CWE-17http://bugs.ntp.org/show_bug.cgi?id=2779http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilitieshttp://www.kb.cert.org/vuls/id/374268http://tools.cisco.com/security/center/viewAlert.x?alertId=38276http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-ntpdhttp://www.securitytracker.com/id/1032032http://www.mandriva.com/security/advisories?name=MDVSA-2015:202http://www.securityfocus.com/bid/73951http://www.debian.org/security/2015/dsa-3223http://www.ubuntu.com/usn/USN-2567-1http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155863.htmlhttps://kc.mcafee.com/corporate/index?page=content&id=SB10114http://lists.opensuse.org/opensuse-updates/2015-04/msg00052.htmlhttp://lists.fedoraproject.org/pipermail/package-announce/2015-April/155864.htmlhttp://lists.apple.com/archives/security-announce/2015/Jun/msg00002.htmlhttp://support.apple.com/kb/HT204942http://marc.info/?l=bugtraq&m=143213867103400&w=2http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlhttp://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.htmlhttps://security.gentoo.org/glsa/201509-01http://rhn.redhat.com/errata/RHSA-2015-1459.htmlhttps://access.redhat.com/errata/RHSA-2015:2231https://usn.ubuntu.com/2567-1/https://nvd.nist.govhttps://access.redhat.com/security/cve/cve-2015-1798
VMScore
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-47626CVE-2024-3400physicalCVE-2024-31426CVE-2024-22423CVE-2024-22438injectlocal usersCVE-2024-3797
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook