Page 18 of 100 results (0.010 seconds)

CVSS: 5.8EPSS: 1%CPEs: 9EXPL: 0

CVE-2014-9750 – ntp: vallen in extension fields are not validated

https://notcve.org/view.php?id=CVE-2014-9750

ntp_crypto.c in ntpd in NTP 4.x before 4.2.8p1, when Autokey Authentication is enabled, allows remote attackers to obtain sensitive information from process memory or cause a denial of service (daemon crash) via a packet containing an extension field with an invalid value for the length of its value field. ntp_crypto.c en ntpd en NTP 4.x en versiones anteriores a 4.2.8p1, cuando Autokey Authentication está habilitada, permite a atacantes remotos obtener información sensible de la memoria de proceso o causar una denegación de servicio (caída del demonio) a través de un paquete que contiene un campo extension con un valor no válido para la longitud de su campo de valor. A stack-based buffer overflow was found in the way the NTP autokey protocol was implemented. When an NTP client decrypted a secret received from an NTP server, it could cause that client to crash. • http://bugs.ntp.org/show_bug.cgi?id=2671 http://rhn.redhat.com/errata/RHSA-2015-1459.html http://support.ntp.org/bin/view/Main/SecurityNotice#December_2014_NTP_Security_Vulne http://www.debian.org/security/2015/dsa-3388 http://www.kb.cert.org/vuls/id/852879 http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html http://www.securityfocus.com/bid/72583 https://bugzilla.redhat.com/show_bug.cgi?id=1184573 https://support.hpe.com/hpsc/doc/public&#x • CWE-20: Improper Input Validation •

CVSS: 7.5EPSS: 0%CPEs: 28EXPL: 0

CVE-2015-3405 – ntp: ntp-keygen may generate non-random symmetric keys on big-endian systems

https://notcve.org/view.php?id=CVE-2015-3405

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys. ntp-keygen en ntp en versiones 4.2.8px anteriores a la 4.2.8p2-RC2 y en versiones 4.3.x anteriores a la 4.3.12 no genera claves MD5 con la suficiente entropía en máquinas big endian cuando el byte de menor orden de la variable temp se sitúa entre 0x20 y 0x7f y no #. Esto podría permitir que atacantes remotos obtengan el valor de las claves MD5 generadas mediante un ataque de fuerza bruta con las 93 claves posibles. A flaw was found in the way the ntp-keygen utility generated MD5 symmetric keys on big-endian systems. An attacker could possibly use this flaw to guess generated MD5 keys, which could then be used to spoof an NTP client or server. • http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=55199296N2gFqH1Hm5GOnhrk9Ypygg http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156248.html http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00000.html http://rhn.redhat.com/errata/RHSA-2015-1459.html http://rhn.redhat.com/errata/RHSA-2015-2231.html http://www.debian.org/security/2015/dsa-3223 http://www.debian.org/security/2015/dsa-3388 http://www.openwall.com/lists/oss-security/2015/04/23/14 http& • CWE-330: Use of Insufficiently Random Values CWE-331: Insufficient Entropy •

CVSS: 5.3EPSS: 1%CPEs: 6EXPL: 0

CVE-2015-5146

https://notcve.org/view.php?id=CVE-2015-5146

ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash) via a NULL byte in a crafted configuration directive packet. ntpd en ntp en versiones anteriores a la 4.2.8p3 con la configuración remota habilitada permite que usuarios remotos autenticados que conozcan la contraseña de configuración y acceso a un ordenador asignado para realizar configuraciones remotas provoquen una denegación de servicio (bloque de servicio) mediante un byte NULL en una directiva de paquete de configuración manipulada. • http://bugs.ntp.org/show_bug.cgi?id=2853 http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html http://support.ntp.org/bin/view/Main/SecurityNotice#March_2017_ntp_4_2_8p10_NTP_Secu http://www.debian.org/security/2015/dsa-3388 http://www.securityfocus.com/bid/75589 http://www.securitytracker.com/ • CWE-20: Improper Input Validation •

CVSS: 2.6EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-1798 – ntp: ntpd accepts unauthenticated packets with symmetric key crypto

https://notcve.org/view.php?id=CVE-2015-1798

The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC. La característica symmetric-key en la función receive en ntp_proto.c en ntpd en NTP 4.x anterior a 4.2.8p2 requiere un MAC correcto únicamente si el campo MAC tiene una longitud que no sea cero, lo que facilita a atacantes man-in-the-middle falsificar paquetes mediante la omisión del MAC. It was found that ntpd did not check whether a Message Authentication Code (MAC) was present in a received packet when ntpd was configured to use symmetric cryptographic keys. A man-in-the-middle attacker could use this flaw to send crafted packets that would be accepted by a client or a peer without the attacker knowing the symmetric key. • http://bugs.ntp.org/show_bug.cgi?id=2779 http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155863.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155864.html http://lists.opensuse.org/opensuse-updates/2015-04/msg00052.html http://marc.info/?l=bugtraq&m=143213867103400&w=2 http://rhn.redhat.com/errata/RHSA-2015-1459.html http://support.apple.com/kb/HT204942 http: • CWE-17: DEPRECATED: Code CWE-347: Improper Verification of Cryptographic Signature •

CVSS: 4.3EPSS: 0%CPEs: 1EXPL: 0

CVE-2015-1799 – ntp: authentication doesn't protect symmetric associations against DoS attacks

https://notcve.org/view.php?id=CVE-2015-1799

The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer. La característica symmetric-key en la función receive en ntp_proto.c en ntpd en NTP 3.x y 4.x anterior a 4.2.8p2 realiza actualizaciones de las variables de estados al recibir ciertos paquetes inválidos, lo que facilita a atacantes man-in-the-middle causar una denegación de servicio (perdida de sincronización) mediante la falsificación de la dirección del IP de fuente de un par. A denial of service flaw was found in the way NTP hosts that were peering with each other authenticated themselves before updating their internal state variables. An attacker could send packets to one peer host, which could cascade to other peers, and stop the synchronization process among the reached peers. • http://bugs.ntp.org/show_bug.cgi?id=2781 http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155863.html http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155864.html http://lists.opensuse.org/opensuse-updates/2015-04/msg00052.html http://marc.info/?l=bugtraq&m=143213867103400&w=2 http://marc • CWE-17: DEPRECATED: Code •