Action not permitted
Modal body text goes here.
Modal Title
Modal Body
icsa-21-103-11
Vulnerability from csaf_cisa
Published
2021-04-13 00:00
Modified
2025-06-10 00:00
Summary
Siemens TIM 4R-IE Devices
Notes
Summary
TIM 4R-IE devices contain multiple vulnerabilities in the integrated NTP component as listed below.
Siemens recommends specific countermeasures for products where fixes are not, or not yet available.
General Recommendations
As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens' operational guidelines for Industrial Security (Download:
https://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.
Additional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity
Additional Resources
For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories
Terms of Use
The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.
Legal Notice
All information products included in https://us-cert.cisa.gov/ics are provided "as is" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.
Advisory Conversion Disclaimer
This ICSA is a verbatim republication of Siemens ProductCERT SSA-497656 from a direct conversion of their vendor's Common Security Advisory Framework (CSAF) advisory. This is republished to CISA's website as a means of increasing visibility and is provided "as-is" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.
Critical infrastructure sectors
Critical Manufacturing
Countries/areas deployed
Worldwide
Company headquarters location
Germany
Recommended Practices
CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.
Recommended Practices
Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.
Recommended Practices
Locate control system networks and remote devices behind firewalls and isolate them from business networks.
Recommended Practices
When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.
Recommended Practices
CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.
Recommended Practices
CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.
Recommended Practices
CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.
Recommended Practices
Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.
{ "document": { "acknowledgments": [ { "organization": "Siemens ProductCERT", "summary": "reporting these vulnerabilities to CISA." } ], "category": "csaf_security_advisory", "csaf_version": "2.0", "distribution": { "text": "Disclosure is not limited", "tlp": { "label": "WHITE", "url": "https://us-cert.cisa.gov/tlp/" } }, "lang": "en", "notes": [ { "category": "summary", "text": "TIM 4R-IE devices contain multiple vulnerabilities in the integrated NTP component as listed below.\n\nSiemens recommends specific countermeasures for products where fixes are not, or not yet available.", "title": "Summary" }, { "category": "general", "text": "As a general security measure, Siemens strongly recommends to protect network access to devices with appropriate mechanisms. In order to operate the devices in a protected IT environment, Siemens recommends to configure the environment according to Siemens\u0027 operational guidelines for Industrial Security (Download: \nhttps://www.siemens.com/cert/operational-guidelines-industrial-security), and to follow the recommendations in the product manuals.\nAdditional information on Industrial Security by Siemens can be found at: https://www.siemens.com/industrialsecurity", "title": "General Recommendations" }, { "category": "general", "text": "For further inquiries on security vulnerabilities in Siemens products and solutions, please contact the Siemens ProductCERT: https://www.siemens.com/cert/advisories", "title": "Additional Resources" }, { "category": "legal_disclaimer", "text": "The use of Siemens Security Advisories is subject to the terms and conditions listed on: https://www.siemens.com/productcert/terms-of-use.", "title": "Terms of Use" }, { "category": "legal_disclaimer", "text": "All information products included in https://us-cert.cisa.gov/ics are provided \"as is\" for informational purposes only. The Department of Homeland Security (DHS) does not provide any warranties of any kind regarding any information contained within. DHS does not endorse any commercial product or service, referenced in this product or otherwise. Further dissemination of this product is governed by the Traffic Light Protocol (TLP) marking in the header. For more information about TLP, see https://us-cert.cisa.gov/tlp/.", "title": "Legal Notice" }, { "category": "other", "text": "This ICSA is a verbatim republication of Siemens ProductCERT SSA-497656 from a direct conversion of their vendor\u0027s Common Security Advisory Framework (CSAF) advisory. This is republished to CISA\u0027s website as a means of increasing visibility and is provided \"as-is\" for informational purposes only. CISA is not responsible for the editorial or technical accuracy of republished advisories and provides no warranties of any kind regarding any information contained within this advisory. Further, CISA does not endorse any commercial product or service. Please contact Siemens ProductCERT directly for any questions regarding this advisory.", "title": "Advisory Conversion Disclaimer" }, { "category": "other", "text": "Critical Manufacturing", "title": "Critical infrastructure sectors" }, { "category": "other", "text": "Worldwide", "title": "Countries/areas deployed" }, { "category": "other", "text": "Germany", "title": "Company headquarters location" }, { "category": "general", "text": "CISA recommends users take defensive measures to minimize the exploitation risk of this vulnerability.", "title": "Recommended Practices" }, { "category": "general", "text": "Minimize network exposure for all control system devices and/or systems, and ensure they are not accessible from the internet.", "title": "Recommended Practices" }, { "category": "general", "text": "Locate control system networks and remote devices behind firewalls and isolate them from business networks.", "title": "Recommended Practices" }, { "category": "general", "text": "When remote access is required, use more secure methods, such as Virtual Private Networks (VPNs), recognizing VPNs may have vulnerabilities and should be updated to the most recent version available. Also recognize VPN is only as secure as its connected devices.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA reminds organizations to perform proper impact analysis and risk assessment prior to deploying defensive measures.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA also provides a section for control systems security recommended practices on the ICS webpage on cisa.gov. Several CISA products detailing cyber defense best practices are available for reading and download, including Improving Industrial Control Systems Cybersecurity with Defense-in-Depth Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "CISA encourages organizations to implement recommended cybersecurity strategies for proactive defense of ICS assets. Additional mitigation guidance and recommended practices are publicly available on the ICS webpage at cisa.gov in the technical information paper, ICS-TIP-12-146-01B--Targeted Cyber Intrusion Detection and Mitigation Strategies.", "title": "Recommended Practices" }, { "category": "general", "text": "Organizations observing suspected malicious activity should follow established internal procedures and report findings to CISA for tracking and correlation against other incidents.", "title": "Recommended Practices" } ], "publisher": { "category": "other", "contact_details": "central@cisa.dhs.gov", "name": "CISA", "namespace": "https://www.cisa.gov/" }, "references": [ { "category": "self", "summary": "SSA-497656: Multiple NTP Vulnerabilities in TIM 4R-IE Devices - CSAF Version", "url": "https://cert-portal.siemens.com/productcert/csaf/ssa-497656.json" }, { "category": "self", "summary": "SSA-497656: Multiple NTP Vulnerabilities in TIM 4R-IE Devices - HTML Version", "url": "https://cert-portal.siemens.com/productcert/html/ssa-497656.html" }, { "category": "self", "summary": "ICS Advisory ICSA-21-103-11 JSON", "url": "https://raw.githubusercontent.com/cisagov/CSAF/develop/csaf_files/OT/white/2021/icsa-21-103-11.json" }, { "category": "self", "summary": "ICS Advisory ICSA-21-103-11 - Web Version", "url": "https://www.cisa.gov/news-events/ics-advisories/icsa-21-103-11" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/alerts/ICS-ALERT-10-301-01" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/resources-tools/resources/ics-recommended-practices" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/topics/industrial-control-systems" }, { "category": "external", "summary": "Recommended Practices", "url": "https://us-cert.cisa.gov/sites/default/files/recommended_practices/NCCIC_ICS-CERT_Defense_in_Depth_2016_S508C.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/sites/default/files/publications/Cybersecurity_Best_Practices_for_Industrial_Control_Systems.pdf" }, { "category": "external", "summary": "Recommended Practices", "url": "https://www.cisa.gov/uscert/ics/tips/ICS-TIP-12-146-01B" } ], "title": "Siemens TIM 4R-IE Devices", "tracking": { "current_release_date": "2025-06-10T00:00:00.000000Z", "generator": { "date": "2025-06-12T16:06:28.183821Z", "engine": { "name": "CISA CSAF Generator", "version": "1.0.0" } }, "id": "ICSA-21-103-11", "initial_release_date": "2021-04-13T00:00:00.000000Z", "revision_history": [ { "date": "2021-04-13T00:00:00.000000Z", "legacy_version": "1.0", "number": "1", "summary": "Publication Date" }, { "date": "2025-06-10T00:00:00.000000Z", "legacy_version": "1.1", "number": "2", "summary": "Expanded affected TIM 4R-IE product families to individual products, incl. MLFB IDs; CVE-2015-5219: changed CWE from CWE-704 to CWE-681; CVE-2015-7973: changed CWE from CWE-254 to CWE-294; CVE-2015-7979: changed CWE from CWE-19 to CWE-821; CVE-2016-1547: changed CWE from CWE-20 to CWE-821; CVE-2016-1548: changed CWE from CWE-19 to CWE-290" } ], "status": "final", "version": "2" } }, "product_tree": { "branches": [ { "branches": [ { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "SIPLUS NET TIM 4R-IE (6AG1800-4BA00-7AA0)", "product_id": "CSAFPID-0001", "product_identification_helper": { "model_numbers": [ "6AG1800-4BA00-7AA0" ] } } } ], "category": "product_name", "name": "SIPLUS NET TIM 4R-IE (6AG1800-4BA00-7AA0)" }, { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "SIPLUS NET TIM 4R-IE DNP3 (6AG1803-4BA00-7AA0)", "product_id": "CSAFPID-0002", "product_identification_helper": { "model_numbers": [ "6AG1803-4BA00-7AA0" ] } } } ], "category": "product_name", "name": "SIPLUS NET TIM 4R-IE DNP3 (6AG1803-4BA00-7AA0)" }, { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "TIM 4R-IE (6NH7800-4BA00)", "product_id": "CSAFPID-0003", "product_identification_helper": { "model_numbers": [ "6NH7800-4BA00" ] } } } ], "category": "product_name", "name": "TIM 4R-IE (6NH7800-4BA00)" }, { "branches": [ { "category": "product_version_range", "name": "vers:all/*", "product": { "name": "TIM 4R-IE DNP3 (6NH7803-4BA00-0AA0)", "product_id": "CSAFPID-0004", "product_identification_helper": { "model_numbers": [ "6NH7803-4BA00-0AA0" ] } } } ], "category": "product_name", "name": "TIM 4R-IE DNP3 (6NH7803-4BA00-0AA0)" } ], "category": "vendor", "name": "Siemens" } ] }, "vulnerabilities": [ { "cve": "CVE-2015-5219", "cwe": { "id": "CWE-681", "name": "Incorrect Conversion between Numeric Types" }, "notes": [ { "category": "summary", "text": "The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Currently no fix is planned", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Deactivate NTP-based time syncronization of the device, if enabled. The feature is disabled by default.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Configure an additional firewall to prevent communication to the port udp/123 of an affected device.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "title": "CVE-2015-5219" }, { "cve": "CVE-2015-7705", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Currently no fix is planned", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Deactivate NTP-based time syncronization of the device, if enabled. The feature is disabled by default.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Configure an additional firewall to prevent communication to the port udp/123 of an affected device.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "title": "CVE-2015-7705" }, { "cve": "CVE-2015-7855", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Currently no fix is planned", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Deactivate NTP-based time syncronization of the device, if enabled. The feature is disabled by default.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Configure an additional firewall to prevent communication to the port udp/123 of an affected device.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "title": "CVE-2015-7855" }, { "cve": "CVE-2015-7871", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "notes": [ { "category": "summary", "text": "Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Currently no fix is planned", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Deactivate NTP-based time syncronization of the device, if enabled. The feature is disabled by default.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Configure an additional firewall to prevent communication to the port udp/123 of an affected device.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "scores": [ { "cvss_v3": { "baseScore": 9.8, "baseSeverity": "CRITICAL", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "title": "CVE-2015-7871" }, { "cve": "CVE-2015-7973", "cwe": { "id": "CWE-294", "name": "Authentication Bypass by Capture-replay" }, "notes": [ { "category": "summary", "text": "NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Currently no fix is planned", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Deactivate NTP-based time syncronization of the device, if enabled. The feature is disabled by default.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Configure an additional firewall to prevent communication to the port udp/123 of an affected device.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "scores": [ { "cvss_v3": { "baseScore": 6.5, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "title": "CVE-2015-7973" }, { "cve": "CVE-2015-7974", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "notes": [ { "category": "summary", "text": "NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a \"skeleton key.\"", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Currently no fix is planned", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Deactivate NTP-based time syncronization of the device, if enabled. The feature is disabled by default.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Configure an additional firewall to prevent communication to the port udp/123 of an affected device.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.7, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "title": "CVE-2015-7974" }, { "cve": "CVE-2015-7977", "cwe": { "id": "CWE-476", "name": "NULL Pointer Dereference" }, "notes": [ { "category": "summary", "text": "ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Currently no fix is planned", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Deactivate NTP-based time syncronization of the device, if enabled. The feature is disabled by default.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Configure an additional firewall to prevent communication to the port udp/123 of an affected device.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.9, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "title": "CVE-2015-7977" }, { "cve": "CVE-2015-7979", "cwe": { "id": "CWE-821", "name": "Incorrect Synchronization" }, "notes": [ { "category": "summary", "text": "NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Currently no fix is planned", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Deactivate NTP-based time syncronization of the device, if enabled. The feature is disabled by default.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Configure an additional firewall to prevent communication to the port udp/123 of an affected device.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "title": "CVE-2015-7979" }, { "cve": "CVE-2015-8138", "cwe": { "id": "CWE-20", "name": "Improper Input Validation" }, "notes": [ { "category": "summary", "text": "NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Currently no fix is planned", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Deactivate NTP-based time syncronization of the device, if enabled. The feature is disabled by default.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Configure an additional firewall to prevent communication to the port udp/123 of an affected device.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "title": "CVE-2015-8138" }, { "cve": "CVE-2016-1547", "cwe": { "id": "CWE-821", "name": "Incorrect Synchronization" }, "notes": [ { "category": "summary", "text": "An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Currently no fix is planned", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Deactivate NTP-based time syncronization of the device, if enabled. The feature is disabled by default.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Configure an additional firewall to prevent communication to the port udp/123 of an affected device.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "title": "CVE-2016-1547" }, { "cve": "CVE-2016-1548", "cwe": { "id": "CWE-290", "name": "Authentication Bypass by Spoofing" }, "notes": [ { "category": "summary", "text": "An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer-\u003edst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Currently no fix is planned", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Deactivate NTP-based time syncronization of the device, if enabled. The feature is disabled by default.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Configure an additional firewall to prevent communication to the port udp/123 of an affected device.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.2, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "title": "CVE-2016-1548" }, { "cve": "CVE-2016-1550", "cwe": { "id": "CWE-200", "name": "Exposure of Sensitive Information to an Unauthorized Actor" }, "notes": [ { "category": "summary", "text": "An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Currently no fix is planned", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Deactivate NTP-based time syncronization of the device, if enabled. The feature is disabled by default.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Configure an additional firewall to prevent communication to the port udp/123 of an affected device.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "scores": [ { "cvss_v3": { "baseScore": 5.3, "baseSeverity": "MEDIUM", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "title": "CVE-2016-1550" }, { "cve": "CVE-2016-4953", "cwe": { "id": "CWE-287", "name": "Improper Authentication" }, "notes": [ { "category": "summary", "text": "ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Currently no fix is planned", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Deactivate NTP-based time syncronization of the device, if enabled. The feature is disabled by default.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Configure an additional firewall to prevent communication to the port udp/123 of an affected device.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "title": "CVE-2016-4953" }, { "cve": "CVE-2016-4954", "cwe": { "id": "CWE-362", "name": "Concurrent Execution using Shared Resource with Improper Synchronization (\u0027Race Condition\u0027)" }, "notes": [ { "category": "summary", "text": "The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.", "title": "Summary" } ], "product_status": { "known_affected": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, "remediations": [ { "category": "no_fix_planned", "details": "Currently no fix is planned", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Deactivate NTP-based time syncronization of the device, if enabled. The feature is disabled by default.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] }, { "category": "workaround", "details": "Configure an additional firewall to prevent communication to the port udp/123 of an affected device.", "product_ids": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "scores": [ { "cvss_v3": { "baseScore": 7.5, "baseSeverity": "HIGH", "vectorString": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H", "version": "3.1" }, "products": [ "CSAFPID-0001", "CSAFPID-0002", "CSAFPID-0003", "CSAFPID-0004" ] } ], "title": "CVE-2016-4954" } ] }
CVE-2016-1550 (GCVE-0-2016-1550)
Vulnerability from cvelistv5
Published
2017-01-06 21:00
Modified
2024-08-05 23:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- unspecified
Summary
An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key.
References
Impacted products
Vendor | Product | Version | |||||||
---|---|---|---|---|---|---|---|---|---|
▼ | NTP Project | NTP |
Version: 4.2.8p3 Version: 4.2.8p4 |
||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T23:02:11.957Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "USN-3096-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "DSA-3629", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3629" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "RHSA-2016:1141", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1141" }, { "name": "SUSE-SU-2016:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "VU#718152", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "RHSA-2016:1552", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1552.html" }, { "name": "1035705", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035705" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20171004-0002/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0084/" }, { "name": "20160428 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd" }, { "name": "FreeBSD-SA-16:16", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc" }, { "name": "88261", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/88261" }, { "name": "SUSE-SU-2016:2094", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "openSUSE-SU-2016:1423", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "name": "openSUSE-SU-2016:1329", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html" }, { "name": "SUSE-SU-2016:1471", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html" }, { "name": "FEDORA-2016-5b2eb0bf9c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184669.html" }, { "name": "SUSE-SU-2016:1291", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html" }, { "name": "DSA-3629", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2016/dsa-3629" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0084" }, { "name": "20160429 [slackware-security] ntp (SSA:2016-120-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/538233/100/0/threaded" }, { "name": "SUSE-SU-2016:1568", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" }, { "name": "20160429 [slackware-security] ntp (SSA:2016-120-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/archive/1/538233/100/0/threaded" }, { "name": "SUSE-SU-2016:1278", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html" }, { "name": "FEDORA-2016-ed8c6c0426", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "NTP", "vendor": "NTP Project", "versions": [ { "status": "affected", "version": "4.2.8p3" }, { "status": "affected", "version": "4.2.8p4" } ] }, { "product": "NTPSec", "vendor": "NTPsec Project", "versions": [ { "status": "affected", "version": "a5fb34b9cc89b92a8fef2f459004865c93bb7f92" } ] } ], "datePublic": "2016-04-26T00:00:00", "descriptions": [ { "lang": "en", "value": "An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key." } ], "problemTypes": [ { "descriptions": [ { "description": "unspecified", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-11-05T17:25:28", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc" }, "references": [ { "name": "USN-3096-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "DSA-3629", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3629" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "RHSA-2016:1141", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1141" }, { "name": "SUSE-SU-2016:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "VU#718152", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "RHSA-2016:1552", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1552.html" }, { "name": "1035705", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035705" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20171004-0002/" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0084/" }, { "name": "20160428 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd" }, { "name": "FreeBSD-SA-16:16", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc" }, { "name": "88261", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/88261" }, { "name": "SUSE-SU-2016:2094", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "openSUSE-SU-2016:1423", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "name": "openSUSE-SU-2016:1329", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html" }, { "name": "SUSE-SU-2016:1471", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html" }, { "name": "FEDORA-2016-5b2eb0bf9c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184669.html" }, { "name": "SUSE-SU-2016:1291", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html" }, { "name": "DSA-3629", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2016/dsa-3629" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0084" }, { "name": "20160429 [slackware-security] ntp (SSA:2016-120-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/538233/100/0/threaded" }, { "name": "SUSE-SU-2016:1568", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" }, { "name": "20160429 [slackware-security] ntp (SSA:2016-120-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/archive/1/538233/100/0/threaded" }, { "name": "SUSE-SU-2016:1278", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html" }, { "name": "FEDORA-2016-ed8c6c0426", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cert@cert.org", "ID": "CVE-2016-1550", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "NTP", "version": { "version_data": [ { "version_value": "4.2.8p3" }, { "version_value": "4.2.8p4" } ] } } ] }, "vendor_name": "NTP Project" }, { "product": { "product_data": [ { "product_name": "NTPSec", "version": { "version_data": [ { "version_value": "a5fb34b9cc89b92a8fef2f459004865c93bb7f92" } ] } } ] }, "vendor_name": "NTPsec Project" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An exploitable vulnerability exists in the message authentication functionality of libntp in ntp 4.2.8p4 and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92. An attacker can send a series of crafted messages to attempt to recover the message digest key." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "unspecified" } ] } ] }, "references": { "reference_data": [ { "name": "USN-3096-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "DSA-3629", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3629" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "RHSA-2016:1141", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1141" }, { "name": "SUSE-SU-2016:1912", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "VU#718152", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "RHSA-2016:1552", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1552.html" }, { "name": "1035705", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035705" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "name": "https://security.netapp.com/advisory/ntap-20171004-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20171004-0002/" }, { "name": "http://www.talosintelligence.com/reports/TALOS-2016-0084/", "refsource": "MISC", "url": "http://www.talosintelligence.com/reports/TALOS-2016-0084/" }, { "name": "20160428 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd" }, { "name": "FreeBSD-SA-16:16", "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc" }, { "name": "88261", "refsource": "BID", "url": "http://www.securityfocus.com/bid/88261" }, { "name": "SUSE-SU-2016:2094", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "openSUSE-SU-2016:1423", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" }, { "name": "openSUSE-SU-2016:1329", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html" }, { "name": "http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html" }, { "name": "SUSE-SU-2016:1471", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html" }, { "name": "FEDORA-2016-5b2eb0bf9c", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184669.html" }, { "name": "SUSE-SU-2016:1291", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html" }, { "name": "DSA-3629", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2016/dsa-3629" }, { "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0084", "refsource": "MISC", "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0084" }, { "name": "20160429 [slackware-security] ntp (SSA:2016-120-01)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/538233/100/0/threaded" }, { "name": "SUSE-SU-2016:1568", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" }, { "name": "20160429 [slackware-security] ntp (SSA:2016-120-01)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/archive/1/538233/100/0/threaded" }, { "name": "SUSE-SU-2016:1278", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html" }, { "name": "FEDORA-2016-ed8c6c0426", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" }, { "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19", "refsource": "MISC", "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19" } ] } } } }, "cveMetadata": { "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2016-1550", "datePublished": "2017-01-06T21:00:00", "dateReserved": "2016-01-07T00:00:00", "dateUpdated": "2024-08-05T23:02:11.957Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-8138 (GCVE-0-2015-8138)
Vulnerability from cvelistv5
Published
2017-01-30 21:00
Modified
2024-08-06 08:13
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:13:31.677Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20160120 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd" }, { "name": "USN-3096-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "SUSE-SU-2016:1177", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html" }, { "name": "DSA-3629", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3629" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03766en_us" }, { "name": "SUSE-SU-2016:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "1034782", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034782" }, { "name": "openSUSE-SU-2016:1292", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html" }, { "name": "VU#718152", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "SUSE-SU-2016:1247", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" }, { "name": "RHSA-2016:0063", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0063.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03750en_us" }, { "name": "FEDORA-2016-8bb1932088", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20171004-0002/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20171031-0001/" }, { "name": "SUSE-SU-2016:1311", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" }, { "name": "20160428 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd" }, { "name": "20161123 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: November 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security" }, { "name": "FEDORA-2016-34bc10a2c8", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html" }, { "name": "SUSE-SU-2016:2094", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "SUSE-SU-2016:1175", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html" }, { "name": "81811", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/81811" }, { "name": "FreeBSD-SA-16:09", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bto.bluecoat.com/security-advisory/sa113" }, { "name": "openSUSE-SU-2016:1423", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-01-27T00:00:00", "descriptions": [ { "lang": "en", "value": "NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-11-05T17:23:16", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20160120 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd" }, { "name": "USN-3096-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "SUSE-SU-2016:1177", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html" }, { "name": "DSA-3629", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3629" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03766en_us" }, { "name": "SUSE-SU-2016:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "1034782", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034782" }, { "name": "openSUSE-SU-2016:1292", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html" }, { "name": "VU#718152", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "SUSE-SU-2016:1247", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" }, { "name": "RHSA-2016:0063", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0063.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03750en_us" }, { "name": "FEDORA-2016-8bb1932088", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20171004-0002/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20171031-0001/" }, { "name": "SUSE-SU-2016:1311", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" }, { "name": "20160428 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd" }, { "name": "20161123 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: November 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security" }, { "name": "FEDORA-2016-34bc10a2c8", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html" }, { "name": "SUSE-SU-2016:2094", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "SUSE-SU-2016:1175", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html" }, { "name": "81811", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/81811" }, { "name": "FreeBSD-SA-16:09", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bto.bluecoat.com/security-advisory/sa113" }, { "name": "openSUSE-SU-2016:1423", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-8138", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to bypass the origin timestamp validation via a packet with an origin timestamp set to zero." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20160120 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd" }, { "name": "USN-3096-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "SUSE-SU-2016:1177", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html" }, { "name": "DSA-3629", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3629" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03766en_us", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03766en_us" }, { "name": "SUSE-SU-2016:1912", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "1034782", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034782" }, { "name": "openSUSE-SU-2016:1292", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html" }, { "name": "VU#718152", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "SUSE-SU-2016:1247", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" }, { "name": "RHSA-2016:0063", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0063.html" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03750en_us", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03750en_us" }, { "name": "FEDORA-2016-8bb1932088", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "name": "https://security.netapp.com/advisory/ntap-20171004-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20171004-0002/" }, { "name": "https://security.netapp.com/advisory/ntap-20171031-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20171031-0001/" }, { "name": "SUSE-SU-2016:1311", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" }, { "name": "20160428 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd" }, { "name": "20161123 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: November 2016", "refsource": "CISCO", "url": "https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20161123-ntpd" }, { "name": "http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security" }, { "name": "FEDORA-2016-34bc10a2c8", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html" }, { "name": "SUSE-SU-2016:2094", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "SUSE-SU-2016:1175", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html" }, { "name": "81811", "refsource": "BID", "url": "http://www.securityfocus.com/bid/81811" }, { "name": "FreeBSD-SA-16:09", "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc" }, { "name": "https://bto.bluecoat.com/security-advisory/sa113", "refsource": "CONFIRM", "url": "https://bto.bluecoat.com/security-advisory/sa113" }, { "name": "openSUSE-SU-2016:1423", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19", "refsource": "MISC", "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-8138", "datePublished": "2017-01-30T21:00:00", "dateReserved": "2015-11-13T00:00:00", "dateUpdated": "2024-08-06T08:13:31.677Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7855 (GCVE-0-2015-7855)
Vulnerability from cvelistv5
Published
2017-08-07 20:00
Modified
2024-08-06 08:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
References
▼ | URL | Tags |
---|---|---|
https://www.exploit-db.com/exploits/40840/ | exploit, x_refsource_EXPLOIT-DB | |
http://www.securityfocus.com/bid/77283 | vdb-entry, x_refsource_BID | |
http://www.securitytracker.com/id/1033951 | vdb-entry, x_refsource_SECTRACK | |
http://www.debian.org/security/2015/dsa-3388 | vendor-advisory, x_refsource_DEBIAN | |
https://bugzilla.redhat.com/show_bug.cgi?id=1274264 | x_refsource_CONFIRM | |
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839 | x_refsource_CONFIRM | |
http://support.ntp.org/bin/view/Main/NtpBug2922 | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201607-15 | vendor-advisory, x_refsource_GENTOO | |
https://security.netapp.com/advisory/ntap-20171004-0001/ | x_refsource_CONFIRM | |
https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf | x_refsource_CONFIRM | |
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11 | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:06:29.899Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "40840", "tags": [ "exploit", "x_refsource_EXPLOIT-DB", "x_transferred" ], "url": "https://www.exploit-db.com/exploits/40840/" }, { "name": "77283", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/77283" }, { "name": "1033951", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1033951" }, { "name": "DSA-3388", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3388" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274264" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.ntp.org/bin/view/Main/NtpBug2922" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20171004-0001/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-10-21T00:00:00", "descriptions": [ { "lang": "en", "value": "The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-04-15T20:37:11", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "40840", "tags": [ "exploit", "x_refsource_EXPLOIT-DB" ], "url": "https://www.exploit-db.com/exploits/40840/" }, { "name": "77283", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/77283" }, { "name": "1033951", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1033951" }, { "name": "DSA-3388", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3388" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274264" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.ntp.org/bin/view/Main/NtpBug2922" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20171004-0001/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-7855", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "40840", "refsource": "EXPLOIT-DB", "url": "https://www.exploit-db.com/exploits/40840/" }, { "name": "77283", "refsource": "BID", "url": "http://www.securityfocus.com/bid/77283" }, { "name": "1033951", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033951" }, { "name": "DSA-3388", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3388" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1274264", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274264" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839" }, { "name": "http://support.ntp.org/bin/view/Main/NtpBug2922", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/NtpBug2922" }, { "name": "GLSA-201607-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" }, { "name": "https://security.netapp.com/advisory/ntap-20171004-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20171004-0001/" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11", "refsource": "CONFIRM", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-7855", "datePublished": "2017-08-07T20:00:00", "dateReserved": "2015-10-16T00:00:00", "dateUpdated": "2024-08-06T08:06:29.899Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7979 (GCVE-0-2015-7979)
Vulnerability from cvelistv5
Published
2017-01-30 21:00
Modified
2024-08-06 08:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:06:31.532Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20160120 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd" }, { "name": "USN-3096-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "SUSE-SU-2016:1177", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html" }, { "name": "DSA-3629", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3629" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03766en_us" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "RHSA-2016:1141", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1141" }, { "name": "SUSE-SU-2016:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "1034782", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034782" }, { "name": "openSUSE-SU-2016:1292", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html" }, { "name": "VU#718152", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "SUSE-SU-2016:1247", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" }, { "name": "RHSA-2016:1552", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1552.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03750en_us" }, { "name": "FEDORA-2016-8bb1932088", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html" }, { "name": "RHSA-2016:2583", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2583.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20171031-0001/" }, { "name": "SUSE-SU-2016:1311", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" }, { "name": "81816", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/81816" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security" }, { "name": "FEDORA-2016-34bc10a2c8", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html" }, { "name": "SUSE-SU-2016:2094", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "SUSE-SU-2016:1175", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html" }, { "name": "FreeBSD-SA-16:09", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bto.bluecoat.com/security-advisory/sa113" }, { "name": "openSUSE-SU-2016:1423", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-01-27T00:00:00", "descriptions": [ { "lang": "en", "value": "NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-04-15T20:21:16", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20160120 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd" }, { "name": "USN-3096-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "SUSE-SU-2016:1177", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html" }, { "name": "DSA-3629", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3629" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03766en_us" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "RHSA-2016:1141", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1141" }, { "name": "SUSE-SU-2016:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "1034782", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034782" }, { "name": "openSUSE-SU-2016:1292", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html" }, { "name": "VU#718152", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "SUSE-SU-2016:1247", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" }, { "name": "RHSA-2016:1552", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1552.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03750en_us" }, { "name": "FEDORA-2016-8bb1932088", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html" }, { "name": "RHSA-2016:2583", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2583.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20171031-0001/" }, { "name": "SUSE-SU-2016:1311", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" }, { "name": "81816", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/81816" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security" }, { "name": "FEDORA-2016-34bc10a2c8", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html" }, { "name": "SUSE-SU-2016:2094", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "SUSE-SU-2016:1175", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html" }, { "name": "FreeBSD-SA-16:09", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bto.bluecoat.com/security-advisory/sa113" }, { "name": "openSUSE-SU-2016:1423", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-7979", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20160120 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd" }, { "name": "USN-3096-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "SUSE-SU-2016:1177", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html" }, { "name": "DSA-3629", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3629" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03766en_us", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03766en_us" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "RHSA-2016:1141", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1141" }, { "name": "SUSE-SU-2016:1912", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "1034782", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034782" }, { "name": "openSUSE-SU-2016:1292", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html" }, { "name": "VU#718152", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "SUSE-SU-2016:1247", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" }, { "name": "RHSA-2016:1552", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1552.html" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03750en_us", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03750en_us" }, { "name": "FEDORA-2016-8bb1932088", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html" }, { "name": "RHSA-2016:2583", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2583.html" }, { "name": "https://security.netapp.com/advisory/ntap-20171031-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20171031-0001/" }, { "name": "SUSE-SU-2016:1311", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" }, { "name": "81816", "refsource": "BID", "url": "http://www.securityfocus.com/bid/81816" }, { "name": "http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security" }, { "name": "FEDORA-2016-34bc10a2c8", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html" }, { "name": "SUSE-SU-2016:2094", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "SUSE-SU-2016:1175", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html" }, { "name": "FreeBSD-SA-16:09", "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc" }, { "name": "https://bto.bluecoat.com/security-advisory/sa113", "refsource": "CONFIRM", "url": "https://bto.bluecoat.com/security-advisory/sa113" }, { "name": "openSUSE-SU-2016:1423", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-7979", "datePublished": "2017-01-30T21:00:00", "dateReserved": "2015-10-23T00:00:00", "dateUpdated": "2024-08-06T08:06:31.532Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-5219 (GCVE-0-2015-5219)
Vulnerability from cvelistv5
Published
2017-07-21 14:00
Modified
2024-08-06 06:41
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T06:41:08.551Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://github.com/ntp-project/ntp/commit/5f295cd05c3c136d39f5b3e500a2d781bdbb59c8" }, { "name": "openSUSE-SU:2016:3280", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00153.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099409" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "USN-2783-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2783-1" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21986956" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21988706" }, { "name": "RHSA-2016:2583", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2583.html" }, { "name": "FEDORA-2015-77bfbc1bcd", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bk1.ntp.org/ntp-dev/?PAGE=patch\u0026REV=51786731Gr4-NOrTBC_a_uXO4wuGhg" }, { "name": "RHSA-2016:0780", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0780.html" }, { "name": "DSA-3388", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3388" }, { "name": "[oss-security] 20150825 Several low impact ntp.org ntpd issues", "tags": [ "mailing-list", "x_refsource_MLIST", "x_transferred" ], "url": "http://www.openwall.com/lists/oss-security/2015/08/25/3" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1255118" }, { "name": "76473", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/76473" }, { "name": "SUSE-SU:2016:1311", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" }, { "name": "FEDORA-2015-14212", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21989542" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21985122" }, { "name": "FEDORA-2015-14213", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2013-04-24T00:00:00", "descriptions": [ { "lang": "en", "value": "The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-04-15T20:35:47", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://github.com/ntp-project/ntp/commit/5f295cd05c3c136d39f5b3e500a2d781bdbb59c8" }, { "name": "openSUSE-SU:2016:3280", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-12/msg00153.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099409" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "USN-2783-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2783-1" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21986956" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21988706" }, { "name": "RHSA-2016:2583", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2583.html" }, { "name": "FEDORA-2015-77bfbc1bcd", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bk1.ntp.org/ntp-dev/?PAGE=patch\u0026REV=51786731Gr4-NOrTBC_a_uXO4wuGhg" }, { "name": "RHSA-2016:0780", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0780.html" }, { "name": "DSA-3388", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3388" }, { "name": "[oss-security] 20150825 Several low impact ntp.org ntpd issues", "tags": [ "mailing-list", "x_refsource_MLIST" ], "url": "http://www.openwall.com/lists/oss-security/2015/08/25/3" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1255118" }, { "name": "76473", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/76473" }, { "name": "SUSE-SU:2016:1311", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" }, { "name": "FEDORA-2015-14212", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21989542" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://www-01.ibm.com/support/docview.wss?uid=swg21985122" }, { "name": "FEDORA-2015-14213", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" } ] } }, "cveMetadata": { "assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-5219", "datePublished": "2017-07-21T14:00:00", "dateReserved": "2015-07-01T00:00:00", "dateUpdated": "2024-08-06T06:41:08.551Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-4954 (GCVE-0-2016-4954)
Vulnerability from cvelistv5
Published
2016-07-05 01:00
Modified
2024-08-06 00:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:46:39.878Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1602", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00028.html" }, { "name": "USN-3096-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "FEDORA-2016-c3bd6a3496", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNWGCQLW2VY72NIUYMJOCAKJKTXHDUK2/" }, { "name": "openSUSE-SU-2016:1583", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00023.html" }, { "name": "FreeBSD-SA-16:24", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.asc" }, { "name": "SUSE-SU-2016:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "FEDORA-2016-89e0874533", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORAMN3Q7TVJ54MBYF75XCJOE3DP7LYHT/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03757en_us" }, { "name": "1036037", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036037" }, { "name": "SUSE-SU-2016:1584", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00024.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.ntp.org/bin/view/Main/NtpBug3044" }, { "name": "SUSE-SU-2016:2094", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "VU#321640", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/321640" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.ntp.org/bin/view/Main/SecurityNotice" }, { "name": "FEDORA-2016-50b0066b7f", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3EYJQHJZ2KTVQ7ICEFHXTLZ36MRASWX/" }, { "name": "openSUSE-SU-2016:1636", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00040.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.ntp.org/3044" }, { "name": "SUSE-SU-2016:1563", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00018.html" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html" }, { "name": "20160603 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: June 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd" }, { "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/540683/100/0/threaded" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html" }, { "name": "SUSE-SU-2016:1568", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" }, { "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/538599/100/0/threaded" }, { "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/archive/1/540683/100/0/threaded" }, { "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/538600/100/0/threaded" }, { "name": "VU#321640", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/321640" }, { "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/archive/1/538599/100/0/threaded" }, { "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/archive/1/538600/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-02T00:00:00", "descriptions": [ { "lang": "en", "value": "The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-16T11:59:55", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "SUSE-SU-2016:1602", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00028.html" }, { "name": "USN-3096-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "FEDORA-2016-c3bd6a3496", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/WNWGCQLW2VY72NIUYMJOCAKJKTXHDUK2/" }, { "name": "openSUSE-SU-2016:1583", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00023.html" }, { "name": "FreeBSD-SA-16:24", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.asc" }, { "name": "SUSE-SU-2016:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "FEDORA-2016-89e0874533", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/ORAMN3Q7TVJ54MBYF75XCJOE3DP7LYHT/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03757en_us" }, { "name": "1036037", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036037" }, { "name": "SUSE-SU-2016:1584", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00024.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.ntp.org/bin/view/Main/NtpBug3044" }, { "name": "SUSE-SU-2016:2094", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "VU#321640", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/321640" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.ntp.org/bin/view/Main/SecurityNotice" }, { "name": "FEDORA-2016-50b0066b7f", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "https://lists.fedoraproject.org/archives/list/package-announce%40lists.fedoraproject.org/message/K3EYJQHJZ2KTVQ7ICEFHXTLZ36MRASWX/" }, { "name": "openSUSE-SU-2016:1636", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00040.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.ntp.org/3044" }, { "name": "SUSE-SU-2016:1563", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00018.html" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html" }, { "name": "20160603 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: June 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd" }, { "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/540683/100/0/threaded" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html" }, { "name": "SUSE-SU-2016:1568", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" }, { "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/538599/100/0/threaded" }, { "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/archive/1/540683/100/0/threaded" }, { "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/538600/100/0/threaded" }, { "name": "VU#321640", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "https://www.kb.cert.org/vuls/id/321640" }, { "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/archive/1/538599/100/0/threaded" }, { "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/archive/1/538600/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-4954", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The process_packet function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (peer-variable modification) by sending spoofed packets from many source IP addresses in a certain scenario, as demonstrated by triggering an incorrect leap indication." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1602", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00028.html" }, { "name": "USN-3096-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "FEDORA-2016-c3bd6a3496", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/WNWGCQLW2VY72NIUYMJOCAKJKTXHDUK2/" }, { "name": "openSUSE-SU-2016:1583", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00023.html" }, { "name": "FreeBSD-SA-16:24", "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.asc" }, { "name": "SUSE-SU-2016:1912", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "FEDORA-2016-89e0874533", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/ORAMN3Q7TVJ54MBYF75XCJOE3DP7LYHT/" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03757en_us", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03757en_us" }, { "name": "1036037", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036037" }, { "name": "SUSE-SU-2016:1584", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00024.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "name": "http://support.ntp.org/bin/view/Main/NtpBug3044", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/NtpBug3044" }, { "name": "SUSE-SU-2016:2094", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "VU#321640", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/321640" }, { "name": "http://support.ntp.org/bin/view/Main/SecurityNotice", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/SecurityNotice" }, { "name": "FEDORA-2016-50b0066b7f", "refsource": "FEDORA", "url": "https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/K3EYJQHJZ2KTVQ7ICEFHXTLZ36MRASWX/" }, { "name": "openSUSE-SU-2016:1636", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00040.html" }, { "name": "http://bugs.ntp.org/3044", "refsource": "CONFIRM", "url": "http://bugs.ntp.org/3044" }, { "name": "SUSE-SU-2016:1563", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00018.html" }, { "name": "GLSA-201607-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" }, { "name": "http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html" }, { "name": "20160603 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: June 2016", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd" }, { "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/540683/100/0/threaded" }, { "name": "http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html" }, { "name": "SUSE-SU-2016:1568", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" }, { "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/538599/100/0/threaded" }, { "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/archive/1/540683/100/0/threaded" }, { "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/538600/100/0/threaded" }, { "name": "VU#321640", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/321640" }, { "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/archive/1/538599/100/0/threaded" }, { "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/archive/1/538600/100/0/threaded" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11", "refsource": "CONFIRM", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-4954", "datePublished": "2016-07-05T01:00:00", "dateReserved": "2016-05-23T00:00:00", "dateUpdated": "2024-08-06T00:46:39.878Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7977 (GCVE-0-2015-7977)
Vulnerability from cvelistv5
Published
2017-01-30 21:00
Modified
2024-08-06 08:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:06:31.485Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20160120 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd" }, { "name": "USN-3096-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "SUSE-SU-2016:1177", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html" }, { "name": "DSA-3629", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3629" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.ntp.org/bin/view/Main/NtpBug2939" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "SUSE-SU-2016:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "1034782", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034782" }, { "name": "openSUSE-SU-2016:1292", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html" }, { "name": "VU#718152", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "SUSE-SU-2016:1247", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" }, { "name": "FEDORA-2016-8bb1932088", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html" }, { "name": "RHSA-2016:2583", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2583.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20171031-0001/" }, { "name": "81815", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/81815" }, { "name": "SUSE-SU-2016:1311", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" }, { "name": "RHSA-2016:0780", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0780.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security" }, { "name": "FEDORA-2016-34bc10a2c8", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html" }, { "name": "SUSE-SU-2016:2094", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "SUSE-SU-2016:1175", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html" }, { "name": "FreeBSD-SA-16:09", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bto.bluecoat.com/security-advisory/sa113" }, { "name": "openSUSE-SU-2016:1423", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-01-27T00:00:00", "descriptions": [ { "lang": "en", "value": "ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-04-15T20:33:14", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20160120 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd" }, { "name": "USN-3096-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "SUSE-SU-2016:1177", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html" }, { "name": "DSA-3629", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3629" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.ntp.org/bin/view/Main/NtpBug2939" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "SUSE-SU-2016:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "1034782", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034782" }, { "name": "openSUSE-SU-2016:1292", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html" }, { "name": "VU#718152", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "SUSE-SU-2016:1247", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" }, { "name": "FEDORA-2016-8bb1932088", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html" }, { "name": "RHSA-2016:2583", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2583.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20171031-0001/" }, { "name": "81815", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/81815" }, { "name": "SUSE-SU-2016:1311", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" }, { "name": "RHSA-2016:0780", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-0780.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security" }, { "name": "FEDORA-2016-34bc10a2c8", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html" }, { "name": "SUSE-SU-2016:2094", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "SUSE-SU-2016:1175", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html" }, { "name": "FreeBSD-SA-16:09", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bto.bluecoat.com/security-advisory/sa113" }, { "name": "openSUSE-SU-2016:1423", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-7977", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "ntpd in NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (NULL pointer dereference) via a ntpdc reslist command." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20160120 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd" }, { "name": "USN-3096-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "SUSE-SU-2016:1177", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html" }, { "name": "DSA-3629", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3629" }, { "name": "http://support.ntp.org/bin/view/Main/NtpBug2939", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/NtpBug2939" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "SUSE-SU-2016:1912", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "1034782", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034782" }, { "name": "openSUSE-SU-2016:1292", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html" }, { "name": "VU#718152", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "SUSE-SU-2016:1247", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" }, { "name": "FEDORA-2016-8bb1932088", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html" }, { "name": "RHSA-2016:2583", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2583.html" }, { "name": "https://security.netapp.com/advisory/ntap-20171031-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20171031-0001/" }, { "name": "81815", "refsource": "BID", "url": "http://www.securityfocus.com/bid/81815" }, { "name": "SUSE-SU-2016:1311", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" }, { "name": "RHSA-2016:0780", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-0780.html" }, { "name": "http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security" }, { "name": "FEDORA-2016-34bc10a2c8", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html" }, { "name": "SUSE-SU-2016:2094", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "SUSE-SU-2016:1175", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html" }, { "name": "FreeBSD-SA-16:09", "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc" }, { "name": "https://bto.bluecoat.com/security-advisory/sa113", "refsource": "CONFIRM", "url": "https://bto.bluecoat.com/security-advisory/sa113" }, { "name": "openSUSE-SU-2016:1423", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11", "refsource": "CONFIRM", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-7977", "datePublished": "2017-01-30T21:00:00", "dateReserved": "2015-10-23T00:00:00", "dateUpdated": "2024-08-06T08:06:31.485Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-1547 (GCVE-0-2016-1547)
Vulnerability from cvelistv5
Published
2017-01-06 21:00
Modified
2024-08-05 23:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- unspecified
Summary
An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled.
References
Impacted products
Vendor | Product | Version | |||||||
---|---|---|---|---|---|---|---|---|---|
▼ | NTP Project | NTP |
Version: 4.2.8p3 Version: 4.2.8p4 |
||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T23:02:11.962Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "88276", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/88276" }, { "name": "DSA-3629", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3629" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "RHSA-2016:1141", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1141" }, { "name": "RHSA-2016:1552", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1552.html" }, { "name": "1035705", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035705" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20171004-0002/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0081/" }, { "name": "FreeBSD-SA-16:16", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "NTP", "vendor": "NTP Project", "versions": [ { "status": "affected", "version": "4.2.8p3" }, { "status": "affected", "version": "4.2.8p4" } ] }, { "product": "NTPSec", "vendor": "NTPsec Project", "versions": [ { "status": "affected", "version": "a5fb34b9cc89b92a8fef2f459004865c93bb7f92" } ] } ], "datePublic": "2016-04-26T00:00:00", "descriptions": [ { "lang": "en", "value": "An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled." } ], "problemTypes": [ { "descriptions": [ { "description": "unspecified", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-11-05T17:24:21", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc" }, "references": [ { "name": "88276", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/88276" }, { "name": "DSA-3629", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3629" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "RHSA-2016:1141", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1141" }, { "name": "RHSA-2016:1552", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1552.html" }, { "name": "1035705", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035705" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20171004-0002/" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0081/" }, { "name": "FreeBSD-SA-16:16", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cert@cert.org", "ID": "CVE-2016-1547", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "NTP", "version": { "version_data": [ { "version_value": "4.2.8p3" }, { "version_value": "4.2.8p4" } ] } } ] }, "vendor_name": "NTP Project" }, { "product": { "product_data": [ { "product_name": "NTPSec", "version": { "version_data": [ { "version_value": "a5fb34b9cc89b92a8fef2f459004865c93bb7f92" } ] } } ] }, "vendor_name": "NTPsec Project" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An off-path attacker can cause a preemptible client association to be demobilized in NTP 4.2.8p4 and earlier and NTPSec a5fb34b9cc89b92a8fef2f459004865c93bb7f92 by sending a crypto NAK packet to a victim client with a spoofed source address of an existing associated peer. This is true even if authentication is enabled." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "unspecified" } ] } ] }, "references": { "reference_data": [ { "name": "88276", "refsource": "BID", "url": "http://www.securityfocus.com/bid/88276" }, { "name": "DSA-3629", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3629" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "RHSA-2016:1141", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1141" }, { "name": "RHSA-2016:1552", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1552.html" }, { "name": "1035705", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035705" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "name": "https://security.netapp.com/advisory/ntap-20171004-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20171004-0002/" }, { "name": "http://www.talosintelligence.com/reports/TALOS-2016-0081/", "refsource": "MISC", "url": "http://www.talosintelligence.com/reports/TALOS-2016-0081/" }, { "name": "FreeBSD-SA-16:16", "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc" }, { "name": "GLSA-201607-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11", "refsource": "CONFIRM", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19", "refsource": "MISC", "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19" } ] } } } }, "cveMetadata": { "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2016-1547", "datePublished": "2017-01-06T21:00:00", "dateReserved": "2016-01-07T00:00:00", "dateUpdated": "2024-08-05T23:02:11.962Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-4953 (GCVE-0-2016-4953)
Vulnerability from cvelistv5
Published
2016-07-05 01:00
Modified
2024-08-06 00:46
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T00:46:39.916Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1602", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00028.html" }, { "name": "91010", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/91010" }, { "name": "openSUSE-SU-2016:1583", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00023.html" }, { "name": "FreeBSD-SA-16:24", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.asc" }, { "name": "SUSE-SU-2016:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03757en_us" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.ntp.org/bin/view/Main/NtpBug3045" }, { "name": "1036037", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1036037" }, { "name": "SUSE-SU-2016:1584", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00024.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "name": "SUSE-SU-2016:2094", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "VU#321640", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "http://www.kb.cert.org/vuls/id/321640" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.ntp.org/bin/view/Main/SecurityNotice" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.ntp.org/3045" }, { "name": "openSUSE-SU-2016:1636", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00040.html" }, { "name": "SUSE-SU-2016:1563", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00018.html" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html" }, { "name": "20160603 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: June 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd" }, { "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/540683/100/0/threaded" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html" }, { "name": "SUSE-SU-2016:1568", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" }, { "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/538599/100/0/threaded" }, { "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/archive/1/540683/100/0/threaded" }, { "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/538600/100/0/threaded" }, { "name": "VU#321640", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/321640" }, { "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/archive/1/538599/100/0/threaded" }, { "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/archive/1/538600/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-06-02T00:00:00", "descriptions": [ { "lang": "en", "value": "ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-07-16T12:08:56", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "SUSE-SU-2016:1602", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00028.html" }, { "name": "91010", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/91010" }, { "name": "openSUSE-SU-2016:1583", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00023.html" }, { "name": "FreeBSD-SA-16:24", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.asc" }, { "name": "SUSE-SU-2016:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03757en_us" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.ntp.org/bin/view/Main/NtpBug3045" }, { "name": "1036037", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1036037" }, { "name": "SUSE-SU-2016:1584", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00024.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "name": "SUSE-SU-2016:2094", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "VU#321640", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "http://www.kb.cert.org/vuls/id/321640" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.ntp.org/bin/view/Main/SecurityNotice" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.ntp.org/3045" }, { "name": "openSUSE-SU-2016:1636", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00040.html" }, { "name": "SUSE-SU-2016:1563", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00018.html" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html" }, { "name": "20160603 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: June 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd" }, { "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/540683/100/0/threaded" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html" }, { "name": "SUSE-SU-2016:1568", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" }, { "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/538599/100/0/threaded" }, { "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/archive/1/540683/100/0/threaded" }, { "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/538600/100/0/threaded" }, { "name": "VU#321640", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "https://www.kb.cert.org/vuls/id/321640" }, { "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/archive/1/538599/100/0/threaded" }, { "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/archive/1/538600/100/0/threaded" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2016-4953", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "ntpd in NTP 4.x before 4.2.8p8 allows remote attackers to cause a denial of service (ephemeral-association demobilization) by sending a spoofed crypto-NAK packet with incorrect authentication data at a certain time." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1602", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00028.html" }, { "name": "91010", "refsource": "BID", "url": "http://www.securityfocus.com/bid/91010" }, { "name": "openSUSE-SU-2016:1583", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00023.html" }, { "name": "FreeBSD-SA-16:24", "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:24.ntp.asc" }, { "name": "SUSE-SU-2016:1912", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03757en_us", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03757en_us" }, { "name": "http://support.ntp.org/bin/view/Main/NtpBug3045", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/NtpBug3045" }, { "name": "1036037", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1036037" }, { "name": "SUSE-SU-2016:1584", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00024.html" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "name": "SUSE-SU-2016:2094", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "VU#321640", "refsource": "CERT-VN", "url": "http://www.kb.cert.org/vuls/id/321640" }, { "name": "http://support.ntp.org/bin/view/Main/SecurityNotice", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/SecurityNotice" }, { "name": "http://bugs.ntp.org/3045", "refsource": "CONFIRM", "url": "http://bugs.ntp.org/3045" }, { "name": "openSUSE-SU-2016:1636", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00040.html" }, { "name": "SUSE-SU-2016:1563", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00018.html" }, { "name": "GLSA-201607-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" }, { "name": "http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/137321/Slackware-Security-Advisory-ntp-Updates.html" }, { "name": "20160603 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: June 2016", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160603-ntpd" }, { "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/540683/100/0/threaded" }, { "name": "http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/137322/FreeBSD-Security-Advisory-FreeBSD-SA-16-24.ntp.html" }, { "name": "SUSE-SU-2016:1568", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" }, { "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/538599/100/0/threaded" }, { "name": "20170607 [security bulletin] HPESBHF03757 rev.1 - HPE Network Products including Comware 5 and Comware 7 running NTP, Remote Denial of Service (DoS)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/archive/1/540683/100/0/threaded" }, { "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/538600/100/0/threaded" }, { "name": "VU#321640", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/321640" }, { "name": "20160604 [slackware-security] ntp (SSA:2016-155-01)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/archive/1/538599/100/0/threaded" }, { "name": "20160604 FreeBSD Security Advisory FreeBSD-SA-16:24.ntp", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/archive/1/538600/100/0/threaded" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11", "refsource": "CONFIRM", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2016-4953", "datePublished": "2016-07-05T01:00:00", "dateReserved": "2016-05-23T00:00:00", "dateUpdated": "2024-08-06T00:46:39.916Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7871 (GCVE-0-2015-7871)
Vulnerability from cvelistv5
Published
2017-08-07 20:00
Modified
2024-08-06 08:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.
References
▼ | URL | Tags |
---|---|---|
http://support.ntp.org/bin/view/Main/NtpBug2941 | x_refsource_CONFIRM | |
https://bugzilla.redhat.com/show_bug.cgi?id=1274265 | x_refsource_CONFIRM | |
http://www.securitytracker.com/id/1033951 | vdb-entry, x_refsource_SECTRACK | |
http://www.debian.org/security/2015/dsa-3388 | vendor-advisory, x_refsource_DEBIAN | |
http://www.securityfocus.com/bid/77287 | vdb-entry, x_refsource_BID | |
https://security.gentoo.org/glsa/201604-03 | vendor-advisory, x_refsource_GENTOO | |
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839 | x_refsource_CONFIRM | |
https://security.gentoo.org/glsa/201607-15 | vendor-advisory, x_refsource_GENTOO | |
https://security.netapp.com/advisory/ntap-20171004-0001/ | x_refsource_CONFIRM | |
https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf | x_refsource_CONFIRM |
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:06:30.223Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.ntp.org/bin/view/Main/NtpBug2941" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274265" }, { "name": "1033951", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1033951" }, { "name": "DSA-3388", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2015/dsa-3388" }, { "name": "77287", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/77287" }, { "name": "GLSA-201604-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201604-03" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20171004-0001/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-10-21T00:00:00", "descriptions": [ { "lang": "en", "value": "Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-04-13T11:06:36", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.ntp.org/bin/view/Main/NtpBug2941" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274265" }, { "name": "1033951", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1033951" }, { "name": "DSA-3388", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2015/dsa-3388" }, { "name": "77287", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/77287" }, { "name": "GLSA-201604-03", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201604-03" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20171004-0001/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-7871", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://support.ntp.org/bin/view/Main/NtpBug2941", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/NtpBug2941" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1274265", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274265" }, { "name": "1033951", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033951" }, { "name": "DSA-3388", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2015/dsa-3388" }, { "name": "77287", "refsource": "BID", "url": "http://www.securityfocus.com/bid/77287" }, { "name": "GLSA-201604-03", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201604-03" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839" }, { "name": "GLSA-201607-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" }, { "name": "https://security.netapp.com/advisory/ntap-20171004-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20171004-0001/" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-7871", "datePublished": "2017-08-07T20:00:00", "dateReserved": "2015-10-19T00:00:00", "dateUpdated": "2024-08-06T08:06:30.223Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2016-1548 (GCVE-0-2016-1548)
Vulnerability from cvelistv5
Published
2017-01-06 21:00
Modified
2024-08-05 23:02
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- unspecified
Summary
An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer->dst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched.
References
Impacted products
Vendor | Product | Version | |||||||
---|---|---|---|---|---|---|---|---|---|
▼ | NTP Project | NTP |
Version: 4.2.8p4 |
||||||
|
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-05T23:02:11.744Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "USN-3096-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "DSA-3629", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3629" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0082/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "RHSA-2016:1141", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "https://access.redhat.com/errata/RHSA-2016:1141" }, { "name": "SUSE-SU-2016:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "88264", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/88264" }, { "name": "VU#718152", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "RHSA-2016:1552", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1552.html" }, { "name": "1035705", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1035705" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20171004-0002/" }, { "name": "20160428 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd" }, { "name": "FreeBSD-SA-16:16", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc" }, { "name": "SUSE-SU-2016:2094", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "openSUSE-SU-2016:1423", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "name": "openSUSE-SU-2016:1329", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html" }, { "name": "SUSE-SU-2016:1471", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0082" }, { "name": "FEDORA-2016-5b2eb0bf9c", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184669.html" }, { "name": "SUSE-SU-2016:1291", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html" }, { "name": "DSA-3629", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "https://www.debian.org/security/2016/dsa-3629" }, { "name": "20160429 [slackware-security] ntp (SSA:2016-120-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/538233/100/0/threaded" }, { "name": "SUSE-SU-2016:1568", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" }, { "name": "20160429 [slackware-security] ntp (SSA:2016-120-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/archive/1/538233/100/0/threaded" }, { "name": "SUSE-SU-2016:1278", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html" }, { "name": "FEDORA-2016-ed8c6c0426", "tags": [ "vendor-advisory", "x_refsource_FEDORA", "x_transferred" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "NTP", "vendor": "NTP Project", "versions": [ { "status": "affected", "version": "4.2.8p4" } ] }, { "product": "NTPSec", "vendor": "NTPsec Project", "versions": [ { "status": "affected", "version": "aa48d001683e5b791a743ec9c575aaf7d867a2b0c" } ] } ], "datePublic": "2016-04-26T00:00:00", "descriptions": [ { "lang": "en", "value": "An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer-\u003edst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched." } ], "problemTypes": [ { "descriptions": [ { "description": "unspecified", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-11-05T17:22:11", "orgId": "37e5125f-f79b-445b-8fad-9564f167944b", "shortName": "certcc" }, "references": [ { "name": "USN-3096-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "DSA-3629", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3629" }, { "tags": [ "x_refsource_MISC" ], "url": "http://www.talosintelligence.com/reports/TALOS-2016-0082/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "RHSA-2016:1141", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "https://access.redhat.com/errata/RHSA-2016:1141" }, { "name": "SUSE-SU-2016:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "88264", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/88264" }, { "name": "VU#718152", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "RHSA-2016:1552", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-1552.html" }, { "name": "1035705", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1035705" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20171004-0002/" }, { "name": "20160428 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd" }, { "name": "FreeBSD-SA-16:16", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc" }, { "name": "SUSE-SU-2016:2094", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "openSUSE-SU-2016:1423", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "name": "openSUSE-SU-2016:1329", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html" }, { "name": "SUSE-SU-2016:1471", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0082" }, { "name": "FEDORA-2016-5b2eb0bf9c", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184669.html" }, { "name": "SUSE-SU-2016:1291", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html" }, { "name": "DSA-3629", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "https://www.debian.org/security/2016/dsa-3629" }, { "name": "20160429 [slackware-security] ntp (SSA:2016-120-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/538233/100/0/threaded" }, { "name": "SUSE-SU-2016:1568", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" }, { "name": "20160429 [slackware-security] ntp (SSA:2016-120-01)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/archive/1/538233/100/0/threaded" }, { "name": "SUSE-SU-2016:1278", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html" }, { "name": "FEDORA-2016-ed8c6c0426", "tags": [ "vendor-advisory", "x_refsource_FEDORA" ], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cert@cert.org", "ID": "CVE-2016-1548", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "NTP", "version": { "version_data": [ { "version_value": "4.2.8p4" } ] } } ] }, "vendor_name": "NTP Project" }, { "product": { "product_data": [ { "product_name": "NTPSec", "version": { "version_data": [ { "version_value": "aa48d001683e5b791a743ec9c575aaf7d867a2b0c" } ] } } ] }, "vendor_name": "NTPsec Project" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "An attacker can spoof a packet from a legitimate ntpd server with an origin timestamp that matches the peer-\u003edst timestamp recorded for that server. After making this switch, the client in NTP 4.2.8p4 and earlier and NTPSec aa48d001683e5b791a743ec9c575aaf7d867a2b0c will reject all future legitimate server responses. It is possible to force the victim client to move time after the mode has been changed. ntpq gives no indication that the mode has been switched." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "unspecified" } ] } ] }, "references": { "reference_data": [ { "name": "USN-3096-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "DSA-3629", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3629" }, { "name": "http://www.talosintelligence.com/reports/TALOS-2016-0082/", "refsource": "MISC", "url": "http://www.talosintelligence.com/reports/TALOS-2016-0082/" }, { "name": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html" }, { "name": "RHSA-2016:1141", "refsource": "REDHAT", "url": "https://access.redhat.com/errata/RHSA-2016:1141" }, { "name": "SUSE-SU-2016:1912", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "88264", "refsource": "BID", "url": "http://www.securityfocus.com/bid/88264" }, { "name": "VU#718152", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "RHSA-2016:1552", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-1552.html" }, { "name": "1035705", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1035705" }, { "name": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html", "refsource": "CONFIRM", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.html" }, { "name": "https://security.netapp.com/advisory/ntap-20171004-0002/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20171004-0002/" }, { "name": "20160428 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: April 2016", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160428-ntpd" }, { "name": "FreeBSD-SA-16:16", "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:16.ntp.asc" }, { "name": "SUSE-SU-2016:2094", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "openSUSE-SU-2016:1423", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" }, { "name": "openSUSE-SU-2016:1329", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html" }, { "name": "http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/136864/Slackware-Security-Advisory-ntp-Updates.html" }, { "name": "SUSE-SU-2016:1471", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html" }, { "name": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0082", "refsource": "MISC", "url": "https://www.talosintelligence.com/vulnerability_reports/TALOS-2016-0082" }, { "name": "FEDORA-2016-5b2eb0bf9c", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/184669.html" }, { "name": "SUSE-SU-2016:1291", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html" }, { "name": "DSA-3629", "refsource": "DEBIAN", "url": "https://www.debian.org/security/2016/dsa-3629" }, { "name": "20160429 [slackware-security] ntp (SSA:2016-120-01)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/538233/100/0/threaded" }, { "name": "SUSE-SU-2016:1568", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" }, { "name": "20160429 [slackware-security] ntp (SSA:2016-120-01)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/archive/1/538233/100/0/threaded" }, { "name": "SUSE-SU-2016:1278", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html" }, { "name": "FEDORA-2016-ed8c6c0426", "refsource": "FEDORA", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2016-May/183647.html" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" }, { "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19", "refsource": "MISC", "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1332-security-advisory-19" } ] } } } }, "cveMetadata": { "assignerOrgId": "37e5125f-f79b-445b-8fad-9564f167944b", "assignerShortName": "certcc", "cveId": "CVE-2016-1548", "datePublished": "2017-01-06T21:00:00", "dateReserved": "2016-01-07T00:00:00", "dateUpdated": "2024-08-05T23:02:11.744Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7974 (GCVE-0-2015-7974)
Vulnerability from cvelistv5
Published
2016-01-26 19:00
Modified
2024-08-06 08:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:06:31.462Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://www.talosintel.com/reports/TALOS-2016-0071/" }, { "name": "DSA-3629", "tags": [ "vendor-advisory", "x_refsource_DEBIAN", "x_transferred" ], "url": "http://www.debian.org/security/2016/dsa-3629" }, { "name": "81960", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/81960" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03766en_us" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.ntp.org/bin/view/Main/NtpBug2936" }, { "name": "1034782", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034782" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03750en_us" }, { "name": "RHSA-2016:2583", "tags": [ "vendor-advisory", "x_refsource_REDHAT", "x_transferred" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2583.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20171031-0001/" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://bugs.ntp.org/show_bug.cgi?id=2936" }, { "name": "FreeBSD-SA-16:09", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-01-19T00:00:00", "descriptions": [ { "lang": "en", "value": "NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a \"skeleton key.\"" } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-04-15T21:08:19", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "tags": [ "x_refsource_MISC" ], "url": "http://www.talosintel.com/reports/TALOS-2016-0071/" }, { "name": "DSA-3629", "tags": [ "vendor-advisory", "x_refsource_DEBIAN" ], "url": "http://www.debian.org/security/2016/dsa-3629" }, { "name": "81960", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/81960" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03766en_us" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.ntp.org/bin/view/Main/NtpBug2936" }, { "name": "1034782", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034782" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03750en_us" }, { "name": "RHSA-2016:2583", "tags": [ "vendor-advisory", "x_refsource_REDHAT" ], "url": "http://rhn.redhat.com/errata/RHSA-2016-2583.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20171031-0001/" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://bugs.ntp.org/show_bug.cgi?id=2936" }, { "name": "FreeBSD-SA-16:09", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-7974", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a \"skeleton key.\"" } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "http://www.talosintel.com/reports/TALOS-2016-0071/", "refsource": "MISC", "url": "http://www.talosintel.com/reports/TALOS-2016-0071/" }, { "name": "DSA-3629", "refsource": "DEBIAN", "url": "http://www.debian.org/security/2016/dsa-3629" }, { "name": "81960", "refsource": "BID", "url": "http://www.securityfocus.com/bid/81960" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03766en_us", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03766en_us" }, { "name": "http://support.ntp.org/bin/view/Main/NtpBug2936", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/NtpBug2936" }, { "name": "1034782", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034782" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03750en_us", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03750en_us" }, { "name": "RHSA-2016:2583", "refsource": "REDHAT", "url": "http://rhn.redhat.com/errata/RHSA-2016-2583.html" }, { "name": "https://security.netapp.com/advisory/ntap-20171031-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20171031-0001/" }, { "name": "http://bugs.ntp.org/show_bug.cgi?id=2936", "refsource": "CONFIRM", "url": "http://bugs.ntp.org/show_bug.cgi?id=2936" }, { "name": "FreeBSD-SA-16:09", "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc" }, { "name": "GLSA-201607-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-7974", "datePublished": "2016-01-26T19:00:00", "dateReserved": "2015-10-23T00:00:00", "dateUpdated": "2024-08-06T08:06:31.462Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7705 (GCVE-0-2015-7705)
Vulnerability from cvelistv5
Published
2017-08-07 20:00
Modified
2024-08-06 07:58
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T07:58:59.826Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "SUSE-SU-2016:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "VU#718152", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "USN-2783-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-2783-1" }, { "name": "SUSE-SU-2016:1247", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" }, { "name": "77284", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/77284" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://support.citrix.com/article/CTX220112" }, { "name": "1033951", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1033951" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit" }, { "name": "SUSE-SU-2016:1311", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.cs.bu.edu/~goldbe/NTPattack.html" }, { "name": "SUSE-SU-2016:2094", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://eprint.iacr.org/2015/1020.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274184" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.ntp.org/bin/view/Main/NtpBug2901" }, { "name": "openSUSE-SU-2016:1423", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20171004-0001/" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html" }, { "name": "openSUSE-SU-2016:1329", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html" }, { "name": "20151021 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp" }, { "name": "SUSE-SU-2016:1471", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bto.bluecoat.com/security-advisory/sa103" }, { "name": "SUSE-SU-2016:1291", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html" }, { "name": "SUSE-SU-2016:1568", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" }, { "name": "openSUSE-SU-2015:2016", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html" }, { "name": "SUSE-SU-2016:1278", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html" }, { "name": "20151029 [slackware-security] ntp (SSA:2015-302-03)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded" }, { "name": "20151029 [slackware-security] ntp (SSA:2015-302-03)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded" }, { "name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded" }, { "name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", "tags": [ "mailing-list", "x_refsource_BUGTRAQ", "x_transferred" ], "url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" }, { "tags": [ "x_refsource_MISC", "x_transferred" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2015-10-23T00:00:00", "descriptions": [ { "lang": "en", "value": "The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-11-05T16:56:48", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "SUSE-SU-2016:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "VU#718152", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "USN-2783-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-2783-1" }, { "name": "SUSE-SU-2016:1247", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" }, { "name": "77284", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/77284" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://support.citrix.com/article/CTX220112" }, { "name": "1033951", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1033951" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit" }, { "name": "SUSE-SU-2016:1311", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.cs.bu.edu/~goldbe/NTPattack.html" }, { "name": "SUSE-SU-2016:2094", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "tags": [ "x_refsource_MISC" ], "url": "https://eprint.iacr.org/2015/1020.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274184" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.ntp.org/bin/view/Main/NtpBug2901" }, { "name": "openSUSE-SU-2016:1423", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20171004-0001/" }, { "tags": [ "x_refsource_MISC" ], "url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html" }, { "name": "openSUSE-SU-2016:1329", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html" }, { "name": "20151021 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp" }, { "name": "SUSE-SU-2016:1471", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bto.bluecoat.com/security-advisory/sa103" }, { "name": "SUSE-SU-2016:1291", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html" }, { "name": "SUSE-SU-2016:1568", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" }, { "name": "openSUSE-SU-2015:2016", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html" }, { "name": "SUSE-SU-2016:1278", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html" }, { "name": "20151029 [slackware-security] ntp (SSA:2015-302-03)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded" }, { "name": "20151029 [slackware-security] ntp (SSA:2015-302-03)", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded" }, { "name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded" }, { "name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", "tags": [ "mailing-list", "x_refsource_BUGTRAQ" ], "url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "tags": [ "x_refsource_MISC" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" }, { "tags": [ "x_refsource_MISC" ], "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-7705", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "SUSE-SU-2016:1912", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "VU#718152", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "USN-2783-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-2783-1" }, { "name": "SUSE-SU-2016:1247", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" }, { "name": "77284", "refsource": "BID", "url": "http://www.securityfocus.com/bid/77284" }, { "name": "https://support.citrix.com/article/CTX220112", "refsource": "CONFIRM", "url": "https://support.citrix.com/article/CTX220112" }, { "name": "1033951", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1033951" }, { "name": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_Securit" }, { "name": "SUSE-SU-2016:1311", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" }, { "name": "https://www.cs.bu.edu/~goldbe/NTPattack.html", "refsource": "MISC", "url": "https://www.cs.bu.edu/~goldbe/NTPattack.html" }, { "name": "SUSE-SU-2016:2094", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "https://eprint.iacr.org/2015/1020.pdf", "refsource": "MISC", "url": "https://eprint.iacr.org/2015/1020.pdf" }, { "name": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839" }, { "name": "https://bugzilla.redhat.com/show_bug.cgi?id=1274184", "refsource": "CONFIRM", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1274184" }, { "name": "http://support.ntp.org/bin/view/Main/NtpBug2901", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/NtpBug2901" }, { "name": "openSUSE-SU-2016:1423", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" }, { "name": "https://security.netapp.com/advisory/ntap-20171004-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20171004-0001/" }, { "name": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html", "refsource": "MISC", "url": "http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html" }, { "name": "openSUSE-SU-2016:1329", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html" }, { "name": "20151021 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp" }, { "name": "SUSE-SU-2016:1471", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html" }, { "name": "https://bto.bluecoat.com/security-advisory/sa103", "refsource": "CONFIRM", "url": "https://bto.bluecoat.com/security-advisory/sa103" }, { "name": "SUSE-SU-2016:1291", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html" }, { "name": "SUSE-SU-2016:1568", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html" }, { "name": "openSUSE-SU-2015:2016", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html" }, { "name": "SUSE-SU-2016:1278", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html" }, { "name": "20151029 [slackware-security] ntp (SSA:2015-302-03)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/536796/100/0/threaded" }, { "name": "20151029 [slackware-security] ntp (SSA:2015-302-03)", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded" }, { "name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/536737/100/0/threaded" }, { "name": "20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015", "refsource": "BUGTRAQ", "url": "http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-211752.pdf" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11", "refsource": "MISC", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11" }, { "name": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016", "refsource": "MISC", "url": "https://www.arista.com/en/support/advisories-notices/security-advisories/1212-security-advisory-0016" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-7705", "datePublished": "2017-08-07T20:00:00", "dateReserved": "2015-10-04T00:00:00", "dateUpdated": "2024-08-06T07:58:59.826Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
CVE-2015-7973 (GCVE-0-2015-7973)
Vulnerability from cvelistv5
Published
2017-01-30 21:00
Modified
2024-08-06 08:06
Severity ?
VLAI Severity ?
EPSS score ?
CWE
- n/a
Summary
NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network.
References
{ "containers": { "adp": [ { "providerMetadata": { "dateUpdated": "2024-08-06T08:06:31.462Z", "orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE" }, "references": [ { "name": "20160120 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO", "x_transferred" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd" }, { "name": "USN-3096-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU", "x_transferred" ], "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "SUSE-SU-2016:1177", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03766en_us" }, { "name": "SUSE-SU-2016:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "http://support.ntp.org/bin/view/Main/NtpBug2935" }, { "name": "1034782", "tags": [ "vdb-entry", "x_refsource_SECTRACK", "x_transferred" ], "url": "http://www.securitytracker.com/id/1034782" }, { "name": "openSUSE-SU-2016:1292", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html" }, { "name": "VU#718152", "tags": [ "third-party-advisory", "x_refsource_CERT-VN", "x_transferred" ], "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "SUSE-SU-2016:1247", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03750en_us" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://security.netapp.com/advisory/ntap-20171031-0001/" }, { "name": "SUSE-SU-2016:1311", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" }, { "name": "81963", "tags": [ "vdb-entry", "x_refsource_BID", "x_transferred" ], "url": "http://www.securityfocus.com/bid/81963" }, { "name": "SUSE-SU-2016:2094", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "SUSE-SU-2016:1175", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html" }, { "name": "FreeBSD-SA-16:09", "tags": [ "vendor-advisory", "x_refsource_FREEBSD", "x_transferred" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://bto.bluecoat.com/security-advisory/sa113" }, { "name": "openSUSE-SU-2016:1423", "tags": [ "vendor-advisory", "x_refsource_SUSE", "x_transferred" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO", "x_transferred" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_CONFIRM", "x_transferred" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" } ], "title": "CVE Program Container" } ], "cna": { "affected": [ { "product": "n/a", "vendor": "n/a", "versions": [ { "status": "affected", "version": "n/a" } ] } ], "datePublic": "2016-01-20T00:00:00", "descriptions": [ { "lang": "en", "value": "NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network." } ], "problemTypes": [ { "descriptions": [ { "description": "n/a", "lang": "en", "type": "text" } ] } ], "providerMetadata": { "dateUpdated": "2021-04-15T20:40:17", "orgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "shortName": "mitre" }, "references": [ { "name": "20160120 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016", "tags": [ "vendor-advisory", "x_refsource_CISCO" ], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd" }, { "name": "USN-3096-1", "tags": [ "vendor-advisory", "x_refsource_UBUNTU" ], "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "SUSE-SU-2016:1177", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03766en_us" }, { "name": "SUSE-SU-2016:1912", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "http://support.ntp.org/bin/view/Main/NtpBug2935" }, { "name": "1034782", "tags": [ "vdb-entry", "x_refsource_SECTRACK" ], "url": "http://www.securitytracker.com/id/1034782" }, { "name": "openSUSE-SU-2016:1292", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html" }, { "name": "VU#718152", "tags": [ "third-party-advisory", "x_refsource_CERT-VN" ], "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "SUSE-SU-2016:1247", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03750en_us" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://security.netapp.com/advisory/ntap-20171031-0001/" }, { "name": "SUSE-SU-2016:1311", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" }, { "name": "81963", "tags": [ "vdb-entry", "x_refsource_BID" ], "url": "http://www.securityfocus.com/bid/81963" }, { "name": "SUSE-SU-2016:2094", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "SUSE-SU-2016:1175", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html" }, { "name": "FreeBSD-SA-16:09", "tags": [ "vendor-advisory", "x_refsource_FREEBSD" ], "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://bto.bluecoat.com/security-advisory/sa113" }, { "name": "openSUSE-SU-2016:1423", "tags": [ "vendor-advisory", "x_refsource_SUSE" ], "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "tags": [ "vendor-advisory", "x_refsource_GENTOO" ], "url": "https://security.gentoo.org/glsa/201607-15" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "tags": [ "x_refsource_CONFIRM" ], "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" } ], "x_legacyV4Record": { "CVE_data_meta": { "ASSIGNER": "cve@mitre.org", "ID": "CVE-2015-7973", "STATE": "PUBLIC" }, "affects": { "vendor": { "vendor_data": [ { "product": { "product_data": [ { "product_name": "n/a", "version": { "version_data": [ { "version_value": "n/a" } ] } } ] }, "vendor_name": "n/a" } ] } }, "data_format": "MITRE", "data_type": "CVE", "data_version": "4.0", "description": { "description_data": [ { "lang": "eng", "value": "NTP before 4.2.8p6 and 4.3.x before 4.3.90, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network." } ] }, "problemtype": { "problemtype_data": [ { "description": [ { "lang": "eng", "value": "n/a" } ] } ] }, "references": { "reference_data": [ { "name": "20160120 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016", "refsource": "CISCO", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd" }, { "name": "USN-3096-1", "refsource": "UBUNTU", "url": "http://www.ubuntu.com/usn/USN-3096-1" }, { "name": "SUSE-SU-2016:1177", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03766en_us", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03766en_us" }, { "name": "SUSE-SU-2016:1912", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html" }, { "name": "http://support.ntp.org/bin/view/Main/NtpBug2935", "refsource": "CONFIRM", "url": "http://support.ntp.org/bin/view/Main/NtpBug2935" }, { "name": "1034782", "refsource": "SECTRACK", "url": "http://www.securitytracker.com/id/1034782" }, { "name": "openSUSE-SU-2016:1292", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html" }, { "name": "VU#718152", "refsource": "CERT-VN", "url": "https://www.kb.cert.org/vuls/id/718152" }, { "name": "SUSE-SU-2016:1247", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html" }, { "name": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03750en_us", "refsource": "CONFIRM", "url": "https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US\u0026docId=emr_na-hpesbhf03750en_us" }, { "name": "https://security.netapp.com/advisory/ntap-20171031-0001/", "refsource": "CONFIRM", "url": "https://security.netapp.com/advisory/ntap-20171031-0001/" }, { "name": "SUSE-SU-2016:1311", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html" }, { "name": "81963", "refsource": "BID", "url": "http://www.securityfocus.com/bid/81963" }, { "name": "SUSE-SU-2016:2094", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html" }, { "name": "SUSE-SU-2016:1175", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html" }, { "name": "FreeBSD-SA-16:09", "refsource": "FREEBSD", "url": "https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc" }, { "name": "https://bto.bluecoat.com/security-advisory/sa113", "refsource": "CONFIRM", "url": "https://bto.bluecoat.com/security-advisory/sa113" }, { "name": "openSUSE-SU-2016:1423", "refsource": "SUSE", "url": "http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html" }, { "name": "GLSA-201607-15", "refsource": "GENTOO", "url": "https://security.gentoo.org/glsa/201607-15" }, { "name": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf", "refsource": "CONFIRM", "url": "https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf" }, { "name": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11", "refsource": "CONFIRM", "url": "https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11" } ] } } } }, "cveMetadata": { "assignerOrgId": "8254265b-2729-46b6-b9e3-3dfca2d5bfca", "assignerShortName": "mitre", "cveId": "CVE-2015-7973", "datePublished": "2017-01-30T21:00:00", "dateReserved": "2015-10-23T00:00:00", "dateUpdated": "2024-08-06T08:06:31.462Z", "state": "PUBLISHED" }, "dataType": "CVE_RECORD", "dataVersion": "5.1" }
Loading…
Loading…
Sightings
Author | Source | Type | Date |
---|
Nomenclature
- Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
- Confirmed: The vulnerability is confirmed from an analyst perspective.
- Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
- Patched: This vulnerability was successfully patched by the user reporting the sighting.
- Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
- Not confirmed: The user expresses doubt about the veracity of the vulnerability.
- Not patched: This vulnerability was not successfully patched by the user reporting the sighting.
Loading…