CVE-2015-1798 — Improper Authentication in NTP

CWE-17 CWE-287 — Improper Authentication CWE-264 CWE-347 — Improper Verification of Cryptographic Signature17 documents11 sources

Severity

1.8LOWNVD

EPSS

0.8%

top 25.44%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

NTP Debian NTP Apple OS X Yosemite V10.10.4 AND Security Update 2015-005 +1 more

Timeline

PublishedApr 8

Latest updateMay 14

Description

The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC.

CVSS vector

AV:A/AC:H/C:N/I:P/A:NExploitability: 3.2 | Impact: 2.9

Affected Packages6 packages

▶debiandebian/ntp< ntp 1:4.2.6.p5+dfsg-6 (bullseye)

▶Debianntp/ntp< 1:4.2.6.p5+dfsg-6

▶Ubuntuntp/ntp< 1:4.2.6.p5+dfsg-3ubuntu2.14.04.3

▶NVDntp/ntp4.2.7p444

▶ciscocisco/products

🔴Vulnerability Details

GHSA

GHSA-cx2f-jc4r-m5vp: The symmetric-key feature in the receive function in ntp_proto↗2022-05-14

▶

OSV

ntp vulnerabilities↗2015-04-13

▶

OSV

CVE-2015-1798: The symmetric-key feature in the receive function in ntp_proto↗2015-04-08

▶

📋Vendor Advisories

CISA ICS

Rockwell Automation Stratix 5900↗2017-05-10

▶

Ubuntu

NTP vulnerabilities↗2015-04-13

▶

Cisco

Network Time Protocol Daemon MAC Checking Failure Authentication Bypass Vulnerability↗2015-04-09

▶

Cisco

Multiple Vulnerabilities in ntpd (April 2015) Affecting Cisco Products↗2015-04-08

▶

BSD

FreeBSD-SA-15:07.ntp: Multiple vulnerabilities of ntp↗2015-04-07

▶

💬Community

Bugzilla

CVE-2015-8106 latex2rtf: Format string vulnerability in CmdKeywords↗2015-11-16

▶

Bugzilla

CVE-2015-1798 CVE-2015-1799 ntp: various flaws [fedora-all]↗2015-04-07

▶

Bugzilla

CVE-2015-1798 ntp: ntpd accepts unauthenticated packets with symmetric key crypto↗2015-03-06

▶