// For flags

CVE-2014-9293

ntp: automatic generation of weak default key in config_auth()

Severity Score

7.5
*CVSS v2

Exploit Likelihood

*EPSS

Affected Versions

*CPE

Public Exploits

1
*Multiple Sources

Exploited in Wild

-
*KEV

Decision

-
*SSVC
Descriptions

The config_auth function in ntpd in NTP before 4.2.7p11, when an auth key is not configured, improperly generates a key, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.

La función config_auth en ntpd en NTP anterior a 4.2.7p11, cuando no se configura una clave de autenticación, incorréctamente genera una clave, esto hace que atacantes remotos puedan romper los mecanismos de protección fácilmente mediante un ataque de fuerza bruta.

It was found that ntpd automatically generated weak keys for its internal use if no ntpdc request authentication key was specified in the ntp.conf configuration file. A remote attacker able to match the configured IP restrictions could guess the generated key, and possibly use it to send ntpdc query or configuration requests.

*Credits: N/A
CVSS Scores
Attack Vector
Network
Attack Complexity
Low
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
Partial
Attack Vector
Network
Attack Complexity
High
Authentication
None
Confidentiality
Partial
Integrity
Partial
Availability
None
* Common Vulnerability Scoring System
SSVC
  • Decision:-
Exploitation
-
Automatable
-
Tech. Impact
-
* Organization's Worst-case Scenario
Timeline
  • 2014-12-05 CVE Reserved
  • 2014-12-20 CVE Published
  • 2024-08-01 EPSS Updated
  • 2024-08-06 CVE Updated
  • 2024-08-06 First Exploit
  • ---------- Exploited in Wild
  • ---------- KEV Due Date
CWE
  • CWE-338: Use of Cryptographically Weak Pseudo-Random Number Generator (PRNG)
CAPEC
References (23)
URL Tag Source
http://advisories.mageia.org/MGASA-2014-0541.html X_refsource_confirm
http://bugs.ntp.org/show_bug.cgi?id=2665 X_refsource_confirm
http://secunia.com/advisories/62209 Third Party Advisory
http://www.kb.cert.org/vuls/id/852879 Third Party Advisory
http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html X_refsource_confirm
http://www.securityfocus.com/bid/71757 Vdb Entry
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790232 X_refsource_confirm
https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04916783 X_refsource_confirm
https://kc.mcafee.com/corporate/index?page=content&id=SB10103 X_refsource_confirm
https://www.arista.com/en/support/advisories-notices/security-advisories/1047-security-advisory-8 X_refsource_misc
URL Date SRC
http://bk1.ntp.org/ntp-dev/ntpd/ntp_config.c?PAGE=diffs&REV=4b6089c5KXhXqZqocF0DMXnQQsjOuw 2024-08-06
URL Date SRC
URL Date SRC
http://marc.info/?l=bugtraq&m=142469153211996&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=142590659431171&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=142853370924302&w=2 2021-11-17
http://marc.info/?l=bugtraq&m=144182594518755&w=2 2021-11-17
http://rhn.redhat.com/errata/RHSA-2014-2025.html 2021-11-17
http://rhn.redhat.com/errata/RHSA-2015-0104.html 2021-11-17
http://support.ntp.org/bin/view/Main/SecurityNotice 2021-11-17
http://www.mandriva.com/security/advisories?name=MDVSA-2015:003 2021-11-17
https://bugzilla.redhat.com/show_bug.cgi?id=1176032 2015-01-28
https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd 2021-11-17
https://access.redhat.com/security/cve/CVE-2014-9293 2015-01-28
https://access.redhat.com/articles/1305723 2015-01-28
Affected Vendors, Products, and Versions
Vendor Product Version Other Status
Vendor Product Version Other Status <-- --> Vendor Product Version Other Status
Ntp
Search vendor "Ntp"
 Ntp
Search vendor "Ntp" for product "Ntp"
 <= 4.2.7
Search vendor "Ntp" for product "Ntp" and version " <= 4.2.7"
-
Affected