CVE-2015-3405

Published: 09/08/2017 Updated: 13/02/2023
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
CVSS v3 Base Score: 7.5 | Impact Score: 3.6 | Exploitability Score: 3.9
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

ntp-keygen in ntp 4.2.8px prior to 4.2.8p2-RC2 and 4.3.x prior to 4.3.12 does not generate MD5 keys with sufficient entropy on big-endian machines when the lowest-order byte of the temp variable is between 0x20 and 0x7f and is not #, which might allow remote malicious users to obtain the value of generated MD5 keys via a brute-force attack with the 93 possible keys.

Vulnerable Product

ntp ntp 4.3.1

ntp ntp 4.2.8

ntp ntp 4.3.6

ntp ntp 4.3.2

ntp ntp 4.3.10

ntp ntp 4.3.11

ntp ntp 4.3.9

ntp ntp 4.3.4

ntp ntp 4.3.0

ntp ntp 4.3.3

ntp ntp 4.3.7

ntp ntp 4.3.5

ntp ntp 4.3.8

debian debian linux 8.0

debian debian linux 7.0

suse suse linux enterprise server 11.0

opensuse project suse linux enterprise desktop 11.0

opensuse suse linux enterprise server 11.0

fedoraproject fedora 21

redhat enterprise linux for scientific computing 6.0

redhat enterprise linux server from rhui 6 6.0

redhat enterprise linux for ibm z systems 6.0

redhat enterprise linux desktop 6.0

redhat enterprise linux server 6.0

redhat enterprise linux for power big endian 6.0

redhat enterprise linux workstation 6.0

Vendor Advisories

Synopsis: Moderate: ntp security, bug fix, and enhancement update. Type/Severity: Security Advisory: Moderate. Topic: Updated ntp packages that fix multiple security issues, several bugs, and add various enhancements are now available for Red Hat Enterprise Linux 7. Red Hat Product Security has rated this update a ...
Multiple vulnerabilities were discovered in ntp, an implementation of the Network Time Protocol: CVE-2015-1798: When configured to use a symmetric key with an NTP peer, ntpd would accept packets without MAC as if they had a valid MAC. This could allow a remote attacker to bypass the packet authentication and send malicious packets w ...
Several vulnerabilities were discovered in the Network Time Protocol daemon and utility programs: CVE-2015-5146: A flaw was found in the way ntpd processed certain remote configuration packets. An attacker could use a specially crafted package to cause ntpd to crash if: ntpd enabled remote configuration. The attacker had the ...
As discussed upstream (support.ntp.org/bin/view/Main/SecurityNotice#June_2015_NTP_Security_Vulnerabi), a flaw was found in the way ntpd processed certain remote configuration packets. Note that remote configuration is disabled by default in NTP. (CVE-2015-5146) It was found that the :config command can be used to se ...
A flaw was found in the way the ntp-keygen utility generated MD5 symmetric keys on big-endian systems. An attacker could possibly use this flaw to guess generated MD5 keys, which could then be used to spoof an NTP client or server ...