CVE-2015-3405

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.5 HIGH
NETWORK
LOW
NONE
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
redhatCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
ntpntp
4.2.8:p1
ntpntp
4.2.8:p2
ntpntp
4.2.8:p2-rc1
ntpntp
4.3.0
ntpntp
4.3.1
ntpntp
4.3.2
ntpntp
4.3.3
ntpntp
4.3.4
ntpntp
4.3.5
ntpntp
4.3.6
ntpntp
4.3.7
ntpntp
4.3.8
ntpntp
4.3.9
ntpntp
4.3.10
ntpntp
4.3.11
debiandebian_linux
7.0
debiandebian_linux
8.0
opensusesuse_linux_enterprise_server
11.0:sp3
opensuse_projectsuse_linux_enterprise_desktop
11.0:sp3
susesuse_linux_enterprise_server
11.0:sp3
redhatenterprise_linux_desktop
6.0
redhatenterprise_linux_for_ibm_z_systems
6.0
redhatenterprise_linux_for_power_big_endian
6.0
redhatenterprise_linux_for_scientific_computing
6.0
redhatenterprise_linux_server
6.0
redhatenterprise_linux_server_from_rhui_6
6.0
redhatenterprise_linux_workstation
6.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ntp
bullseye
1:4.2.8p15+dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ntp
vivid
Fixed 1:4.2.6.p5+dfsg-3ubuntu5
released
utopic
Fixed 1:4.2.6.p5+dfsg-3ubuntu2.14.10.3
released
trusty
Fixed 1:4.2.6.p5+dfsg-3ubuntu2.14.04.3
released
precise
Fixed 1:4.2.6.p3+dfsg-1ubuntu3.4
released
lucid
ignored
Common Weakness Enumeration
References
http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=55199296N2gFqH1Hm5GOnhrk9Ypygg
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156248.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00000.html
http://rhn.redhat.com/errata/RHSA-2015-1459.html
http://rhn.redhat.com/errata/RHSA-2015-2231.html
http://www.debian.org/security/2015/dsa-3223
http://www.debian.org/security/2015/dsa-3388
http://www.openwall.com/lists/oss-security/2015/04/23/14
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/74045
https://bugs.ntp.org/show_bug.cgi?id=2797
https://bugzilla.redhat.com/show_bug.cgi?id=1210324
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03886en_us
http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=55199296N2gFqH1Hm5GOnhrk9Ypygg
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156248.html
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00000.html
http://rhn.redhat.com/errata/RHSA-2015-1459.html
http://rhn.redhat.com/errata/RHSA-2015-2231.html
http://www.debian.org/security/2015/dsa-3223
http://www.debian.org/security/2015/dsa-3388
http://www.openwall.com/lists/oss-security/2015/04/23/14
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
http://www.securityfocus.com/bid/74045
https://bugs.ntp.org/show_bug.cgi?id=2797
https://bugzilla.redhat.com/show_bug.cgi?id=1210324
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03886en_us