CVE-2015-1798
Summary
| CVE | CVE-2015-1798 |
|---|---|
| State | PUBLIC |
| Assigner | [email protected] |
| Source Priority | CVE Program / NVD first with legacy fallback |
| Published | 2015-04-08 10:59:00 UTC |
| Updated | 2023-02-12 23:15:00 UTC |
| Description | The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC. |
Risk And Classification
Problem Types: CWE-17
NVD Known Affected Configurations (CPE 2.3)
References
| Reference | Source | Link | Tags |
|---|---|---|---|
| About the security content of OS X Yosemite v10.10.4 and Security Update 2015-005 - Apple Support | CONFIRM | support.apple.com | |
| [SECURITY] Fedora 22 Update: ntp-4.2.6p5-30.fc22 | FEDORA | lists.fedoraproject.org | |
| support.ntp.org/bin/view/Main/SecurityNotice | CONFIRM | support.ntp.org | Vendor Advisory |
| Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication - SecurityTracker | SECTRACK | www.securitytracker.com | |
| Multiple Vulnerabilities in ntpd (April 2015) Affecting Cisco Products | CISCO | tools.cisco.com | |
| '[security bulletin] HPSBUX03333 SSRT102029 rev.1 - HP-UX Running NTP, Remote Denial of Service (DoS)' - MARC | HP | marc.info | |
| Gentoo Security | GENTOO | security.gentoo.org | |
| APPLE-SA-2015-06-30-2 OS X Yosemite v10.10.4 and Security Update 2015-005 | APPLE | lists.apple.com | |
| NTP CVE-2015-1798 Man in the Middle Security Bypass Vulnerability | BID | www.securityfocus.com | |
| Red Hat Customer Portal | REDHAT | rhn.redhat.com | |
| [SECURITY] Fedora 20 Update: ntp-4.2.6p5-22.fc20 | FEDORA | lists.fedoraproject.org | |
| Red Hat Customer Portal | MISC | access.redhat.com | |
| Vulnerability Note VU#374268 - NTP Project ntpd reference implementation contains multiple vulnerabilities | CERT-VN | www.kb.cert.org | Third Party Advisory, US Government Resource |
| Oracle Linux Bulletin - October 2015 | CONFIRM | www.oracle.com | |
| Red Hat Customer Portal | MISC | access.redhat.com | |
| Bug 2779 – ntpd accepts unauthenticated packets with symmetric key crypto | CONFIRM | bugs.ntp.org | |
| access.redhat.com | CVE-2015-1798 | MISC | access.redhat.com | |
| McAfee KnowledgeBase - Intel Security - Security Bulletin: Asset Manager 6.6 and Firewall Enterprise patches resolve two NTP vulnerabilities: CVE-2015-1798 and CVE-2015-1799 | CONFIRM | kc.mcafee.com | |
| openSUSE-SU-2015:0775-1: moderate: Security update for ntp | SUSE | lists.opensuse.org | |
| Support / Security / Advisories / / MDVSA-2015:202 | Mandriva | MANDRIVA | www.mandriva.com | |
| USN-2567-1: NTP vulnerabilities | Ubuntu | UBUNTU | www.ubuntu.com | |
| Oracle Solaris Third Party Bulletin - April 2015 | CONFIRM | www.oracle.com | |
| Debian -- Security Information -- DSA-3223-1 ntp | DEBIAN | www.debian.org | |
| Network Time Protocol Daemon MAC Checking Failure Authentication Bypass Vulnerability | CISCO | tools.cisco.com | |
| Bug 1199430 – CVE-2015-1798 ntp: ntpd accepts unauthenticated packets with symmetric key crypto | MISC | bugzilla.redhat.com | |
| CVE Program record | CVE.ORG | www.cve.org | canonical |
| NVD vulnerability detail | NVD | nvd.nist.gov | canonical, analysis |
No vendor comments have been submitted for this CVE.
Legacy QID Mappings
- 590349 Rockwell Automation Stratix 5900 Multiple Vulnerabilities (ICSA-17-094-04)