{"containers": {"cna": {"affected": [{"product": "n/a", "vendor": "n/a", "versions": [{"status": "affected", "version": "n/a"}]}], "datePublic": "2015-04-07T00:00:00", "descriptions": [{"lang": "en", "value": "The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer."}], "problemTypes": [{"descriptions": [{"description": "n/a", "lang": "en", "type": "text"}]}], "providerMetadata": {"dateUpdated": "2018-01-04T19:57:01", "orgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "shortName": "redhat"}, "references": [{"name": "DSA-3222", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2015/dsa-3222"}, {"name": "20150408 Network Time Protocol Daemon Symmetric Mode Packet Processing Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38275"}, {"name": "[chrony-announce] 20150407 chrony-1.31.1 released (security)", "tags": ["mailing-list", "x_refsource_MLIST"], "url": "http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html"}, {"name": "USN-2567-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU"], "url": "http://www.ubuntu.com/usn/USN-2567-1"}, {"name": "VU#374268", "tags": ["third-party-advisory", "x_refsource_CERT-VN"], "url": "http://www.kb.cert.org/vuls/id/374268"}, {"name": "73950", "tags": ["vdb-entry", "x_refsource_BID"], "url": "http://www.securityfocus.com/bid/73950"}, {"name": "SSRT102029", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=143213867103400&w=2"}, {"name": "FEDORA-2015-5761", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155864.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities"}, {"tags": ["x_refsource_CONFIRM"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10114"}, {"name": "FEDORA-2015-5874", "tags": ["vendor-advisory", "x_refsource_FEDORA"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155863.html"}, {"name": "APPLE-SA-2015-06-30-2", "tags": ["vendor-advisory", "x_refsource_APPLE"], "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"}, {"name": "openSUSE-SU-2015:0775", "tags": ["vendor-advisory", "x_refsource_SUSE"], "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00052.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"}, {"name": "GLSA-201509-01", "tags": ["vendor-advisory", "x_refsource_GENTOO"], "url": "https://security.gentoo.org/glsa/201509-01"}, {"name": "HPSBUX03333", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=143213867103400&w=2"}, {"name": "MDVSA-2015:202", "tags": ["vendor-advisory", "x_refsource_MANDRIVA"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:202"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://support.apple.com/kb/HT204942"}, {"name": "HPSBHF03557", "tags": ["vendor-advisory", "x_refsource_HP"], "url": "http://marc.info/?l=bugtraq&m=145750740530849&w=2"}, {"name": "RHSA-2015:1459", "tags": ["vendor-advisory", "x_refsource_REDHAT"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1459.html"}, {"tags": ["x_refsource_CONFIRM"], "url": "http://bugs.ntp.org/show_bug.cgi?id=2781"}, {"name": "20150408 Multiple Vulnerabilities in ntpd (April 2015) Affecting Cisco Products", "tags": ["vendor-advisory", "x_refsource_CISCO"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-ntpd"}, {"name": "DSA-3223", "tags": ["vendor-advisory", "x_refsource_DEBIAN"], "url": "http://www.debian.org/security/2015/dsa-3223"}, {"name": "1032031", "tags": ["vdb-entry", "x_refsource_SECTRACK"], "url": "http://www.securitytracker.com/id/1032031"}]}, "adp": [{"providerMetadata": {"orgId": "af854a3a-2127-422b-91ae-364da2661108", "shortName": "CVE", "dateUpdated": "2024-08-06T04:54:16.094Z"}, "title": "CVE Program Container", "references": [{"name": "DSA-3222", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2015/dsa-3222"}, {"name": "20150408 Network Time Protocol Daemon Symmetric Mode Packet Processing Denial of Service Vulnerability", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38275"}, {"name": "[chrony-announce] 20150407 chrony-1.31.1 released (security)", "tags": ["mailing-list", "x_refsource_MLIST", "x_transferred"], "url": "http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html"}, {"name": "USN-2567-1", "tags": ["vendor-advisory", "x_refsource_UBUNTU", "x_transferred"], "url": "http://www.ubuntu.com/usn/USN-2567-1"}, {"name": "VU#374268", "tags": ["third-party-advisory", "x_refsource_CERT-VN", "x_transferred"], "url": "http://www.kb.cert.org/vuls/id/374268"}, {"name": "73950", "tags": ["vdb-entry", "x_refsource_BID", "x_transferred"], "url": "http://www.securityfocus.com/bid/73950"}, {"name": "SSRT102029", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=143213867103400&w=2"}, {"name": "FEDORA-2015-5761", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155864.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10114"}, {"name": "FEDORA-2015-5874", "tags": ["vendor-advisory", "x_refsource_FEDORA", "x_transferred"], "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155863.html"}, {"name": "APPLE-SA-2015-06-30-2", "tags": ["vendor-advisory", "x_refsource_APPLE", "x_transferred"], "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"}, {"name": "openSUSE-SU-2015:0775", "tags": ["vendor-advisory", "x_refsource_SUSE", "x_transferred"], "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00052.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"}, {"name": "GLSA-201509-01", "tags": ["vendor-advisory", "x_refsource_GENTOO", "x_transferred"], "url": "https://security.gentoo.org/glsa/201509-01"}, {"name": "HPSBUX03333", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=143213867103400&w=2"}, {"name": "MDVSA-2015:202", "tags": ["vendor-advisory", "x_refsource_MANDRIVA", "x_transferred"], "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:202"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://support.apple.com/kb/HT204942"}, {"name": "HPSBHF03557", "tags": ["vendor-advisory", "x_refsource_HP", "x_transferred"], "url": "http://marc.info/?l=bugtraq&m=145750740530849&w=2"}, {"name": "RHSA-2015:1459", "tags": ["vendor-advisory", "x_refsource_REDHAT", "x_transferred"], "url": "http://rhn.redhat.com/errata/RHSA-2015-1459.html"}, {"tags": ["x_refsource_CONFIRM", "x_transferred"], "url": "http://bugs.ntp.org/show_bug.cgi?id=2781"}, {"name": "20150408 Multiple Vulnerabilities in ntpd (April 2015) Affecting Cisco Products", "tags": ["vendor-advisory", "x_refsource_CISCO", "x_transferred"], "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-ntpd"}, {"name": "DSA-3223", "tags": ["vendor-advisory", "x_refsource_DEBIAN", "x_transferred"], "url": "http://www.debian.org/security/2015/dsa-3223"}, {"name": "1032031", "tags": ["vdb-entry", "x_refsource_SECTRACK", "x_transferred"], "url": "http://www.securitytracker.com/id/1032031"}]}]}, "cveMetadata": {"assignerOrgId": "53f830b8-0a3f-465b-8143-3b8a9948e749", "assignerShortName": "redhat", "cveId": "CVE-2015-1799", "datePublished": "2015-04-08T10:00:00", "dateReserved": "2015-02-17T00:00:00", "dateUpdated": "2024-08-06T04:54:16.094Z", "state": "PUBLISHED"}, "dataType": "CVE_RECORD", "dataVersion": "5.1"}

{}

{"configurations": [{"nodes": [{"cpeMatch": [{"criteria": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*", "matchCriteriaId": "E538FCAE-3E2C-4EA8-A74F-ABF47652C15C", "versionEndIncluding": "4.2.7p444", "vulnerable": true}], "negate": false, "operator": "OR"}]}], "cveTags": [], "descriptions": [{"lang": "en", "value": "The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer."}, {"lang": "es", "value": "La caracter\u00edstica symmetric-key en la funci\u00f3n receive en ntp_proto.c en ntpd en NTP 3.x y 4.x anterior a 4.2.8p2 realiza actualizaciones de las variables de estados al recibir ciertos paquetes inv\u00e1lidos, lo que facilita a atacantes man-in-the-middle causar una denegaci\u00f3n de servicio (perdida de sincronizaci\u00f3n) mediante la falsificaci\u00f3n de la direcci\u00f3n del IP de fuente de un par."}], "id": "CVE-2015-1799", "lastModified": "2018-01-05T02:30:00.447", "metrics": {"cvssMetricV2": [{"acInsufInfo": false, "baseSeverity": "MEDIUM", "cvssData": {"accessComplexity": "MEDIUM", "accessVector": "ADJACENT_NETWORK", "authentication": "NONE", "availabilityImpact": "PARTIAL", "baseScore": 4.3, "confidentialityImpact": "NONE", "integrityImpact": "PARTIAL", "vectorString": "AV:A/AC:M/Au:N/C:N/I:P/A:P", "version": "2.0"}, "exploitabilityScore": 5.5, "impactScore": 4.9, "obtainAllPrivilege": false, "obtainOtherPrivilege": false, "obtainUserPrivilege": false, "source": "nvd@nist.gov", "type": "Primary", "userInteractionRequired": false}]}, "published": "2015-04-08T10:59:05.717", "references": [{"source": "secalert@redhat.com", "url": "http://bugs.ntp.org/show_bug.cgi?id=2781"}, {"source": "secalert@redhat.com", "url": "http://listengine.tuxfamily.org/chrony.tuxfamily.org/chrony-announce/2015/04/msg00002.html"}, {"source": "secalert@redhat.com", "url": "http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155863.html"}, {"source": "secalert@redhat.com", "url": "http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155864.html"}, {"source": "secalert@redhat.com", "url": "http://lists.opensuse.org/opensuse-updates/2015-04/msg00052.html"}, {"source": "secalert@redhat.com", "url": "http://marc.info/?l=bugtraq&m=143213867103400&w=2"}, {"source": "secalert@redhat.com", "url": "http://marc.info/?l=bugtraq&m=145750740530849&w=2"}, {"source": "secalert@redhat.com", "url": "http://rhn.redhat.com/errata/RHSA-2015-1459.html"}, {"source": "secalert@redhat.com", "url": "http://support.apple.com/kb/HT204942"}, {"source": "secalert@redhat.com", "tags": ["Vendor Advisory"], "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilities"}, {"source": "secalert@redhat.com", "url": "http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-ntpd"}, {"source": "secalert@redhat.com", "url": "http://tools.cisco.com/security/center/viewAlert.x?alertId=38275"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2015/dsa-3222"}, {"source": "secalert@redhat.com", "url": "http://www.debian.org/security/2015/dsa-3223"}, {"source": "secalert@redhat.com", "tags": ["Third Party Advisory", "US Government Resource"], "url": "http://www.kb.cert.org/vuls/id/374268"}, {"source": "secalert@redhat.com", "url": "http://www.mandriva.com/security/advisories?name=MDVSA-2015:202"}, {"source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html"}, {"source": "secalert@redhat.com", "url": "http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html"}, {"source": "secalert@redhat.com", "url": "http://www.securityfocus.com/bid/73950"}, {"source": "secalert@redhat.com", "url": "http://www.securitytracker.com/id/1032031"}, {"source": "secalert@redhat.com", "url": "http://www.ubuntu.com/usn/USN-2567-1"}, {"source": "secalert@redhat.com", "url": "https://kc.mcafee.com/corporate/index?page=content&id=SB10114"}, {"source": "secalert@redhat.com", "url": "https://security.gentoo.org/glsa/201509-01"}], "sourceIdentifier": "secalert@redhat.com", "vulnStatus": "Modified", "weaknesses": [{"description": [{"lang": "en", "value": "CWE-17"}], "source": "nvd@nist.gov", "type": "Primary"}]}

{"acknowledgement": "This issue was discovered by Miroslav Lichv\u00e1r (Red Hat).", "affected_release": [{"advisory": "RHSA-2015:1459", "cpe": "cpe:/o:redhat:enterprise_linux:6", "package": "ntp-0:4.2.6p5-5.el6", "product_name": "Red Hat Enterprise Linux 6", "release_date": "2015-07-21T00:00:00Z"}, {"advisory": "RHSA-2015:2231", "cpe": "cpe:/o:redhat:enterprise_linux:7", "package": "ntp-0:4.2.6p5-22.el7", "product_name": "Red Hat Enterprise Linux 7", "release_date": "2015-11-19T00:00:00Z"}], "bugzilla": {"description": "ntp: authentication doesn't protect symmetric associations against DoS attacks", "id": "1199435", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1199435"}, "csaw": false, "cvss": {"cvss_base_score": "4.3", "cvss_scoring_vector": "AV:N/AC:M/Au:N/C:N/I:N/A:P", "status": "verified"}, "details": ["The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 3.x and 4.x before 4.2.8p2 performs state-variable updates upon receiving certain invalid packets, which makes it easier for man-in-the-middle attackers to cause a denial of service (synchronization loss) by spoofing the source IP address of a peer.", "A denial of service flaw was found in the way NTP hosts that were peering with each other authenticated themselves before updating their internal state variables. An attacker could send packets to one peer host, which could cascade to other peers, and stop the synchronization process among the reached peers."], "mitigation": {"lang": "en:us", "value": "To work around this issue, instead of configuring NTP hosts as peers with the 'peer' directive, use the 'server' directive on both hosts so that the connection uses a regular client/server mode of operation.\nMore information about how to configure NTP can be found at:\nhttps://access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/Deployment_Guide/ch-Configuring_NTP_Using_ntpd.html\nAutokey authentication between NTP peers is not sufficient to fully mitigate this issue."}, "name": "CVE-2015-1799", "package_state": [{"cpe": "cpe:/o:redhat:enterprise_linux:5", "fix_state": "Will not fix", "package_name": "ntp", "product_name": "Red Hat Enterprise Linux 5"}], "public_date": "2015-04-07T00:00:00Z", "references": ["https://www.cve.org/CVERecord?id=CVE-2015-1799\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-1799"], "threat_severity": "Moderate"}