CVE-2015-1799
ntp: authentication doesn't protect symmetric associations against DoS attacks
Public Exploits: 0
Exploited in Wild: -
Descriptions
The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer.
A denial of service flaw was found in the way NTP hosts that were peering with each other authenticated themselves before updating their internal state variables. An attacker could send packets to one peer host, which could cascade to other peers, and stop the synchronization process among the reached peers.
Timeline
- 2015-02-17 CVE Reserved
- 2015-04-08 CVE Published
- 2024-08-06 CVE Updated
- 2024-11-18 EPSS Updated
CWE
- CWE-17: DEPRECATED: Code
References (26)
URL | Tag | Source |
---|---|---|
http://bugs.ntp.org/show_bug.cgi?id=2781 | X_refsource_confirm | |
http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html | Mailing List | |
http://support.apple.com/kb/HT204942 | X_refsource_confirm | |
http://www.kb.cert.org/vuls/id/374268 | Third Party Advisory | |
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html | X_refsource_confirm | |
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html | X_refsource_confirm | |
http://www.securityfocus.com/bid/73950 | Vdb Entry | |
http://www.securitytracker.com/id/1032031 | Vdb Entry | |
https://kc.mcafee.com/corporate/index?page=content&id=SB10114 | X_refsource_confirm | |
Affected Vendors, Products, and Versions
Vendor | Product | Version | Other | Status |
---|---|---|---|---|
Ntp | Ntp | <= 4.2.7p444 | - | Affected |