FreeBSDEBD84C96-DD7E-11E4-854E-3C970E169BC2

HistoryApr 07, 2015 - 12:00 a.m.

ntp -- multiple vulnerabilities

2015-04-0700:00:00

vuxml.freebsd.org

4.3 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:P/A:P

0.008 Low

EPSS

Percentile

81.4%

JSON

ntp.org reports:

[Sec 2779] ntpd accepts unauthenticated packets
with symmetric key crypto.
[Sec 2781] Authentication doesn’t protect symmetric
associations against DoS attacks.

OSVersionArchitecturePackageVersionFilename
FreeBSDanynoarchntp< 4.2.8p2UNKNOWN
FreeBSDanynoarchntp-devel< 4.3.14UNKNOWN
FreeBSDanynoarchfreebsd= 10.1UNKNOWN
FreeBSDanynoarchfreebsd< 10.1_9UNKNOWN

OS	Version	Architecture	Package	Version	Filename
FreeBSD	any	noarch	ntp	< 4.2.8p2	UNKNOWN
FreeBSD	any	noarch	ntp-devel	< 4.3.14	UNKNOWN
FreeBSD	any	noarch	freebsd	= 10.1	UNKNOWN
FreeBSD	any	noarch	freebsd	< 10.1_9	UNKNOWN

References

archive.ntp.org/ntp4/ChangeLog-stable

openvas 25

mageia 1

nessus 43

securityvulns 4

slackware 1

cisco 3

amazon 1

archlinux 2

fedora 3

cert 1

ubuntu 1

debian 2

ibm 12

osv 2

gentoo 1

freebsd_advisory 1

veracode 5

oraclelinux 2

cve 2

prion 2

f5 4

aix 2

debiancve 2

ubuntucve 2

threatpost 1

redhat 2

centos 2

suse 3

ics 1

openvas

Slackware: Security Advisory (SSA:2015-111-08)

2022-04-21 00:00:00

Debian Security Advisory DSA 3223-1 (ntp - security update)

2015-04-12 00:00:00

NTP < 4.2.8p2 Multiple Vulnerabilities

2021-06-21 00:00:00

mageia

Updated ntp packages fix security vulnerabilities

2015-04-15 12:01:28

nessus

openSUSE Security Update : ntp (openSUSE-2015-330)

2015-04-28 00:00:00

Fedora 22 : ntp-4.2.6p5-30.fc22 (2015-5761)

2015-04-23 00:00:00

Amazon Linux AMI : ntp (ALAS-2015-520)

2015-05-07 00:00:00

securityvulns

ntpd restrictions bypass

2015-04-08 00:00:00

FreeBSD Security Advisory FreeBSD-SA-15:07.ntp

2015-04-08 00:00:00

Apple Mac OS X / EFI multiple security vulnerabilities

2015-07-05 00:00:00

slackware

[slackware-security] ntp

2015-04-22 01:21:55

cisco

Multiple Vulnerabilities in ntpd (April 2015) Affecting Cisco Products

2015-04-08 16:00:00

Network Time Protocol Daemon Symmetric Mode Packet Processing Denial of Service Vulnerability

2015-04-08 16:41:16

Network Time Protocol Daemon MAC Checking Failure Authentication Bypass Vulnerability

2015-04-08 17:05:12

amazon

Important: ntp

2015-05-05 15:56:00

archlinux

ntp: multiple issues

2015-04-08 00:00:00

chrony: denial of service

2015-04-08 00:00:00

fedora

[SECURITY] Fedora 22 Update: ntp-4.2.6p5-30.fc22

2015-04-22 22:56:05

[SECURITY] Fedora 20 Update: ntp-4.2.6p5-22.fc20

2015-04-22 22:55:51

[SECURITY] Fedora 21 Update: ntp-4.2.6p5-30.fc21

2015-04-28 13:01:04

cert

NTP Project ntpd reference implementation contains multiple vulnerabilities

2015-04-07 00:00:00

ubuntu

NTP vulnerabilities

2015-04-13 00:00:00

debian

[SECURITY] [DLA 192-1] ntp security update

2015-04-10 21:52:54

[SECURITY] [DSA 3223-1] ntp security update

2015-04-12 16:29:16

ibm

Security Bulletin: Vulnerabilities in NTP affect IBM Security Network Protection (CVE-2015-1798, CVE-2015-1799, and CVE-2015-3405)

2018-06-16 21:30:32

Security Bulletin: Vulnerabilities in ntp affect Power Hardware Management Console (CVE-2015-1798 CVE-2015-1799 CVE-2015-3405)

2021-09-23 01:31:39

Security Bulletin: IBM Security Access Manager for Mobile is affected by multiple NTP vulnerabilities

2018-06-16 21:39:29

osv

ntp - security update

2015-04-10 00:00:00

ntp - security update

2015-04-12 00:00:00

gentoo

NTP: Multiple vulnerablities

2015-09-24 00:00:00

freebsd_advisory

FreeBSD-SA-15:07.ntp

2015-04-07 00:00:00

veracode

Man-In-The-Middle (MitM)

2019-05-02 05:41:08

Man-in-the-Middle (MitM)

2019-05-02 05:41:08

Improper Input Validation And Arbitary Code Injection

2019-05-02 05:41:07

oraclelinux

ntp security, bug fix, and enhancement update

2015-07-28 00:00:00

ntp security, bug fix, and enhancement update

2015-11-23 00:00:00

cve

CVE-2015-1799

2015-04-08 10:59:00

CVE-2015-1798

2015-04-08 10:59:00

prion

Design/Logic Flaw

2015-04-08 10:59:00

Design/Logic Flaw

2015-04-08 10:59:00

SOL16506 - NTP vulnerability CVE-2015-1799

2015-04-24 00:00:00

K16506 : NTP vulnerability CVE-2015-1799

2015-09-18 00:00:00

K16505 : NTP vulnerability CVE-2015-1798

2015-11-07 00:00:00

aix

Vulnerability in NTPv3 affects AIX,Vulnerability in NTPv3 affects VIOS

2015-08-21 09:06:03

Vulnerabilities in NTPv4 affect AIX,Vulnerabilities in NTPv4 affect VIOS

2015-06-29 10:00:16

debiancve

CVE-2015-1799

2015-04-08 10:59:00

CVE-2015-1798

2015-04-08 10:59:00

ubuntucve

CVE-2015-1799

2015-04-08 00:00:00

CVE-2015-1798

2015-04-08 00:00:00

threatpost

NTP Symmetric Key Authentication Security Vulnerabilities Patched

2015-04-08 11:37:31

redhat

(RHSA-2015:2231) Moderate: ntp security, bug fix, and enhancement update

2015-11-19 14:42:12

(RHSA-2015:1459) Moderate: ntp security, bug fix, and enhancement update

2015-07-22 00:00:00

centos

ntp, ntpdate, sntp security update

2015-11-30 19:45:44

ntp, ntpdate security update

2015-07-26 14:13:05

suse

Security update for ntp (important)

2015-07-02 17:05:24

Security update for ntp (important)

2016-07-29 19:08:48

Security update for yast2-ntp-client (important)

2016-08-17 21:08:25

ics

Rockwell Automation Stratix 5900

2017-05-10 12:00:00

Products

Security Intelligence
Non-intrusive assessment
Developers SDK
Windows scanner
Linux scanner
Perimeter control tool
MSSP

Database

Vulnerabilities
Exploits
IOC
Security News
BugBounty
Popular
Wild Exploited
Top Vulnerabilities

Tools

Linux Security Scanner
API integration
Subscriptions
Plugins
Manual Audit

Learn More

Stats
API
Docs
Api-keys
License
Pricing
Glossary
FAQ

Company

Blog
Contacts
About Us
OpenSource
EULA
Brand Guideline
Privacy Policy

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply. All product names, logos, and brands are property of their respective owners. All company, product and service names used in this website are for identification purposes only. Use of these names, logos, and brands does not imply endorsement.If you are an owner of some content and want it to be removed, please contact us. Using Vulners services you are accepting Vulners services end-user license agreement

@2024 Vulners Inc

4.3 Medium

CVSS2

Access Vector

ADJACENT_NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:A/AC:M/Au:N/C:N/I:P/A:P

0.008 Low

EPSS

Percentile

81.4%

JSON

Related for EBD84C96-DD7E-11E4-854E-3C970E169BC2