Lucene search
Ubuntu.comUB:CVE-2015-1798HistoryApr 08, 2015 - 12:00 a.m.
CVE-2015-1798
2015-04-0800:00:00
ubuntu.com
ubuntu.com
13
1.8 Low
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:H/Au:N/C:N/I:P/A:N
0.008 Low
EPSS
Percentile
81.4%
The symmetric-key feature in the receive function in ntp_proto.c in ntpd in
NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a
nonzero length, which makes it easier for man-in-the-middle attackers to
spoof packets by omitting the MAC.
Bugs
Notes
| Author | Note |
|---|---|
| mdeslaur | 4.2.5p99+ only |
Related
prion
prion
Design/Logic Flaw
2015-04-08 10:59:00
f5
f5
K16505 : NTP vulnerability CVE-2015-1798
2015-11-07 00:00:00
SOL16505 - NTP vulnerability CVE-2015-1798
2015-04-23 00:00:00
debiancve
debiancve
CVE-2015-1798
2015-04-08 10:59:00
threatpost
threatpost
NTP Symmetric Key Authentication Security Vulnerabilities Patched
2015-04-08 11:37:31
nessus
nessus
F5 Networks BIG-IP : NTP vulnerability (K16505)
2015-04-24 00:00:00
Rockwell Automation Stratix NTP Authentication bypass (CVE-2015-1798)
2023-11-15 00:00:00
cisco
cisco
cve
cve
CVE-2015-1798
2015-04-08 10:59:00
mageia
mageia
Updated ntp packages fix security vulnerabilities
2015-04-15 12:01:28
freebsd
freebsd
ntp -- multiple vulnerabilities
2015-04-07 00:00:00
openvas
openvas
Slackware: Security Advisory (SSA:2015-111-08)
2022-04-21 00:00:00
Debian Security Advisory DSA 3223-1 (ntp - security update)
2015-04-12 00:00:00
NTP < 4.2.8p2 Multiple Vulnerabilities
2021-06-21 00:00:00
slackware
slackware
[slackware-security] ntp
2015-04-22 01:21:55
amazon
amazon
Important: ntp
2015-05-05 15:56:00
securityvulns
securityvulns
ntpd restrictions bypass
2015-04-08 00:00:00
FreeBSD Security Advisory FreeBSD-SA-15:07.ntp
2015-04-08 00:00:00
Apple Mac OS X / EFI multiple security vulnerabilities
2015-07-05 00:00:00
debian
debian
[SECURITY] [DSA 3223-1] ntp security update
2015-04-12 16:29:16
[SECURITY] [DLA 192-1] ntp security update
2015-04-10 21:52:54
cert
cert
NTP Project ntpd reference implementation contains multiple vulnerabilities
2015-04-07 00:00:00
ubuntu
ubuntu
NTP vulnerabilities
2015-04-13 00:00:00
archlinux
archlinux
ntp: multiple issues
2015-04-08 00:00:00
fedora
fedora
[SECURITY] Fedora 22 Update: ntp-4.2.6p5-30.fc22
2015-04-22 22:56:05
[SECURITY] Fedora 20 Update: ntp-4.2.6p5-22.fc20
2015-04-22 22:55:51
[SECURITY] Fedora 21 Update: ntp-4.2.6p5-30.fc21
2015-04-28 13:01:04
ibm
ibm
osv
osv
ntp - security update
2015-04-10 00:00:00
ntp - security update
2015-04-12 00:00:00
gentoo
gentoo
NTP: Multiple vulnerablities
2015-09-24 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-15:07.ntp
2015-04-07 00:00:00
veracode
veracode
Man-in-the-Middle (MitM)
2019-05-02 05:41:08
Man-In-The-Middle (MitM)
2019-05-02 05:41:08
Insufficient Entropy In Key Generation Algorithm
2019-05-02 05:41:08
oraclelinux
oraclelinux
ntp security, bug fix, and enhancement update
2015-07-28 00:00:00
ntp security, bug fix, and enhancement update
2015-11-23 00:00:00
redhat
redhat
(RHSA-2015:2231) Moderate: ntp security, bug fix, and enhancement update
2015-11-19 14:42:12
(RHSA-2015:1459) Moderate: ntp security, bug fix, and enhancement update
2015-07-22 00:00:00
centos
centos
ntp, ntpdate, sntp security update
2015-11-30 19:45:44
ntp, ntpdate security update
2015-07-26 14:13:05
suse
suse
Security update for ntp (important)
2016-07-29 19:08:48
Security update for yast2-ntp-client (important)
2016-08-17 21:08:25
ics
ics
Rockwell Automation Stratix 5900
2017-05-10 12:00:00
1.8 Low
CVSS2
Access Vector
ADJACENT_NETWORK
Access Complexity
HIGH
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:A/AC:H/Au:N/C:N/I:P/A:N
0.008 Low
EPSS
Percentile
81.4%
Related for UB:CVE-2015-1798