CVE-2015-7974

NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."
ProviderTypeBase ScoreAtk. VectorAtk. ComplexityPriv. RequiredVector
NISTNIST
7.7 HIGH
NETWORK
LOW
LOW
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N
mitreCNA
---
---
CVEADP
---
---
Base Score
CVSS 3.x
EPSS Score
Percentile: 90%
VendorProductVersion
ntpntp
4.2.0 ≤
𝑥
< 4.2.8
ntpntp
4.3.0 ≤
𝑥
< 4.3.90
ntpntp
4.2.8
ntpntp
4.2.8:p1
ntpntp
4.2.8:p1-beta1
ntpntp
4.2.8:p1-beta2
ntpntp
4.2.8:p1-beta3
ntpntp
4.2.8:p1-beta4
ntpntp
4.2.8:p1-beta5
ntpntp
4.2.8:p1-rc1
ntpntp
4.2.8:p1-rc2
ntpntp
4.2.8:p2
ntpntp
4.2.8:p2-rc1
ntpntp
4.2.8:p2-rc2
ntpntp
4.2.8:p2-rc3
ntpntp
4.2.8:p3
ntpntp
4.2.8:p3-rc1
ntpntp
4.2.8:p3-rc2
ntpntp
4.2.8:p3-rc3
ntpntp
4.2.8:p4
ntpntp
4.2.8:p5
siemenstim_4r-ie_firmware
*
siemenstim_4r-ie_dnp3_firmware
*
netappclustered_data_ontap
-
netapponcommand_balance
-
debiandebian_linux
8.0
debiandebian_linux
9.0
𝑥
= Vulnerable software versions
Debian logo
Debian Releases
Debian Product
Codename
ntp
bullseye
1:4.2.8p15+dfsg-1
fixed
Ubuntu logo
Ubuntu Releases
Ubuntu Product
Codename
ntp
zesty
not-affected
yakkety
not-affected
xenial
Fixed 1:4.2.8p4+dfsg-3ubuntu5.3
released
wily
ignored
vivid
ignored
trusty
Fixed 1:4.2.6.p5+dfsg-3ubuntu2.14.04.10
released
precise
Fixed 1:4.2.6.p3+dfsg-1ubuntu3.11
released
Common Weakness Enumeration
References
http://bugs.ntp.org/show_bug.cgi?id=2936
http://rhn.redhat.com/errata/RHSA-2016-2583.html
http://support.ntp.org/bin/view/Main/NtpBug2936
http://www.debian.org/security/2016/dsa-3629
http://www.securityfocus.com/bid/81960
http://www.securitytracker.com/id/1034782
http://www.talosintel.com/reports/TALOS-2016-0071/
https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
https://security.gentoo.org/glsa/201607-15
https://security.netapp.com/advisory/ntap-20171031-0001/
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
http://bugs.ntp.org/show_bug.cgi?id=2936
http://rhn.redhat.com/errata/RHSA-2016-2583.html
http://support.ntp.org/bin/view/Main/NtpBug2936
http://www.debian.org/security/2016/dsa-3629
http://www.securityfocus.com/bid/81960
http://www.securitytracker.com/id/1034782
http://www.talosintel.com/reports/TALOS-2016-0071/
https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
https://security.gentoo.org/glsa/201607-15
https://security.netapp.com/advisory/ntap-20171031-0001/
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11