what you don't know can hurt you
Showing 1 - 10 of 10 RSS Feed

CVE-2015-1798

Status Candidate

Overview

The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC.

Related Files

Red Hat Security Advisory 2015-2231-04
Posted Nov 20, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-2231-04 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. These packages include the ntpd service which continuously adjusts system time and utilities used to query and configure the ntpd service. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by spoofing ::1 addresses. A denial of service flaw was found in the way NTP hosts that were peering with each other authenticated themselves before updating their internal state variables. An attacker could send packets to one peer host, which could cascade to other peers, and stop the synchronization process among the reached peers.

tags | advisory, denial of service, spoof, protocol
systems | linux, redhat
advisories | CVE-2014-9297, CVE-2014-9298, CVE-2014-9750, CVE-2014-9751, CVE-2015-1798, CVE-2015-1799, CVE-2015-3405
MD5 | 738d8a326cd620fcecec2cb10f69355b
Gentoo Linux Security Advisory 201509-01
Posted Sep 25, 2015
Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201509-1 - Multiple vulnerabilities have been found in NTP, the worst of which could lead to arbitrary code execution. Versions less than 4.2.8_p3 are affected.

tags | advisory, arbitrary, vulnerability, code execution
systems | linux, gentoo
advisories | CVE-2015-1798, CVE-2015-1799, CVE-2015-5146
MD5 | 690cff39099f7954c4d025d1c4f49fca
Red Hat Security Advisory 2015-1459-01
Posted Jul 22, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1459-01 - The Network Time Protocol is used to synchronize a computer's time with another referenced time source. It was found that because NTP's access control was based on a source IP address, an attacker could bypass source IP restrictions and send malicious control and configuration packets by spoofing ::1 addresses. A denial of service flaw was found in the way NTP hosts that were peering with each other authenticated themselves before updating their internal state variables. An attacker could send packets to one peer host, which could cascade to other peers, and stop the synchronization process among the reached peers.

tags | advisory, denial of service, spoof, protocol
systems | linux, redhat
advisories | CVE-2014-9297, CVE-2014-9298, CVE-2015-1798, CVE-2015-1799, CVE-2015-3405
MD5 | fae2ba19f95684d8408b3bc551cf47ea
Apple Security Advisory 2015-06-30-2
Posted Jul 1, 2015
Authored by Apple | Site apple.com

Apple Security Advisory 2015-06-30-2 - OS X Yosemite 10.10.4 and Security Update 2015-005 are now available and address privilege escalation, arbitrary code execution, access bypass, and various other vulnerabilities.

tags | advisory, arbitrary, vulnerability, code execution
systems | apple, osx
advisories | CVE-2013-1741, CVE-2014-8127, CVE-2014-8128, CVE-2014-8129, CVE-2014-8130, CVE-2014-8139, CVE-2014-8140, CVE-2014-8141, CVE-2015-0209, CVE-2015-0235, CVE-2015-0273, CVE-2015-0286, CVE-2015-0287, CVE-2015-0288, CVE-2015-0289, CVE-2015-0293, CVE-2015-1157, CVE-2015-1798, CVE-2015-1799, CVE-2015-3661, CVE-2015-3662, CVE-2015-3663, CVE-2015-3666, CVE-2015-3667, CVE-2015-3668, CVE-2015-3671, CVE-2015-3672, CVE-2015-3673
MD5 | 32e0fef51b76ce3c73ed6338172843e8
HP Security Bulletin HPSBUX03333 SSRT102029 1
Posted May 20, 2015
Authored by HP | Site hp.com

HP Security Bulletin HPSBUX03333 SSRT102029 1 - Potential security vulnerabilities have been identified with HP-UX running NTP. These could be exploited remotely to create a Denial of Service (DoS), or other vulnerabilities. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability
systems | hpux
advisories | CVE-2015-1798, CVE-2015-1799
MD5 | 883d246475dafdf0ffa4a74f99eb6cad
Slackware Security Advisory - ntp Updates
Posted Apr 22, 2015
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-1798, CVE-2015-1799
MD5 | 3f19233335ccc5a990ba56407940e259
Ubuntu Security Notice USN-2567-1
Posted Apr 14, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2567-1 - Miroslav Lichvar discovered that NTP incorrectly validated MAC fields. A remote attacker could possibly use this issue to bypass authentication and spoof packets. Miroslav Lichvar discovered that NTP incorrectly handled certain invalid packets. A remote attacker could possibly use this issue to cause a denial of service. Juergen Perlinger discovered that NTP incorrectly generated MD5 keys on big-endian platforms. This issue could either cause ntp-keygen to hang, or could result in non-random keys. Various other issues were also addressed.

tags | advisory, remote, denial of service, spoof
systems | linux, ubuntu
advisories | CVE-2015-1798, CVE-2015-1799
MD5 | 68e74f99cc5e8560803ab798f05835a7
Debian Security Advisory 3223-1
Posted Apr 13, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3223-1 - Multiple vulnerabilities were discovered in ntp, an implementation of the Network Time Protocol.

tags | advisory, vulnerability, protocol
systems | linux, debian
advisories | CVE-2015-1798, CVE-2015-1799
MD5 | 5d125f426d730e60a372a5c7035a715c
Mandriva Linux Security Advisory 2015-202
Posted Apr 13, 2015
Authored by Mandriva | Site mandriva.com

Mandriva Linux Security Advisory 2015-202 - The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC. The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service by spoofing the source IP address of a peer. The updated packages provides a solution for these security issues.

tags | advisory, denial of service, spoof
systems | linux, mandriva
advisories | CVE-2015-1798, CVE-2015-1799
MD5 | 7a8c01f594afc03d69e3c421ba97bc4a
FreeBSD Security Advisory - ntp Issues
Posted Apr 8, 2015
Site security.freebsd.org

FreeBSD Security Advisory - The ntpd(8) daemon is an implementation of the Network Time Protocol (NTP) used to synchronize the time of a computer system to a reference time source. The vallen packet value is not validated in several code paths in ntp_crypto.c. When ntpd(8) is configured to use a symmetric key to authenticate a remote NTP server/peer, it checks if the NTP message authentication code (MAC) in received packets is valid, but not that there actually is any MAC included, and packets without a MAC are accepted as if they had a valid MAC. NTP state variables are updated prior to validating the received packets.

tags | advisory, remote, protocol
systems | freebsd
advisories | CVE-2014-9297, CVE-2015-1798, CVE-2015-1799
MD5 | 6b5b2146b2f3da2a6ba4207a596fe02f
Page 1 of 1
Back1Next

File Archive:

June 2020

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Jun 1st
    10 Files
  • 2
    Jun 2nd
    9 Files
  • 3
    Jun 3rd
    0 Files
  • 4
    Jun 4th
    0 Files
  • 5
    Jun 5th
    0 Files
  • 6
    Jun 6th
    0 Files
  • 7
    Jun 7th
    0 Files
  • 8
    Jun 8th
    0 Files
  • 9
    Jun 9th
    0 Files
  • 10
    Jun 10th
    0 Files
  • 11
    Jun 11th
    0 Files
  • 12
    Jun 12th
    0 Files
  • 13
    Jun 13th
    0 Files
  • 14
    Jun 14th
    0 Files
  • 15
    Jun 15th
    0 Files
  • 16
    Jun 16th
    0 Files
  • 17
    Jun 17th
    0 Files
  • 18
    Jun 18th
    0 Files
  • 19
    Jun 19th
    0 Files
  • 20
    Jun 20th
    0 Files
  • 21
    Jun 21st
    0 Files
  • 22
    Jun 22nd
    0 Files
  • 23
    Jun 23rd
    0 Files
  • 24
    Jun 24th
    0 Files
  • 25
    Jun 25th
    0 Files
  • 26
    Jun 26th
    0 Files
  • 27
    Jun 27th
    0 Files
  • 28
    Jun 28th
    0 Files
  • 29
    Jun 29th
    0 Files
  • 30
    Jun 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2020 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close