본문 바로가기
취약점 정보1

NTP Project ntpd reference implementation contains multiple vulnerabilities

Ryansecurity 2015. 4. 10. 09:03
728x90

Overview

NTP Project ntpd reference implementation accepts unauthenticated packets with symmetric key cryptography and does not protect symmetric associations against denial of service attacks.

Description

CVE-2015-1798, bug 2779:

In NTP4 installations utilizing symmetric key authentication, versions ntp-4.2.5p99 to ntp-4.2.8p1, packets with no message authentication code (MAC) are accepted as though they have a valid MAC. An attacker may be able to leverage this validation error to send packets that will be accepted by the client. The CVSS score reflects this issue.

CVE-2015-1799, bug 2781:

In NTP installations utilizing symmetric key authentication, including xntp3.3wy to version ntp-4.2.8p1, a denial of service condition is created when two peering hosts receive packets in which the originate and transmit timestamps do not match. An attacker who periodically sends such packets to both hosts can prevent synchronization.

For more information about these issues, visit NTP's security notice.

Impact

An unauthenticated attacker with network access may be able to inject packets or prevent peer synchronization among symmetrically authenticated hosts.

Solution

Apply an update

The NTP Project has released version ntp-4.2.8p2 to address these issues.

Vendor Information (Learn More)

VendorStatusDate NotifiedDate Updated
NTP ProjectAffected23 Mar 201507 Apr 2015
ACCESSUnknown24 Mar 201524 Mar 2015
Alcatel-LucentUnknown24 Mar 201524 Mar 2015
AppleUnknown24 Mar 201524 Mar 2015
Arch LinuxUnknown30 Mar 201530 Mar 2015
AT&TUnknown24 Mar 201524 Mar 2015
Avaya, Inc.Unknown24 Mar 201524 Mar 2015
Barracuda NetworksUnknown24 Mar 201524 Mar 2015
Belkin, Inc.Unknown24 Mar 201524 Mar 2015
Blue Coat SystemsUnknown24 Mar 201524 Mar 2015
BrocadeUnknown30 Mar 201530 Mar 2015
CA TechnologiesUnknown24 Mar 201524 Mar 2015
CentOSUnknown24 Mar 201524 Mar 2015
Check Point Software TechnologiesUnknown24 Mar 201524 Mar 2015
CiscoUnknown24 Mar 201524 Mar 2015

If you are a vendor and your product is affected, let us know.View More »

CVSS Metrics (Learn More)

GroupScoreVector
Base5.4AV:A/AC:M/Au:N/C:P/I:P/A:P
Temporal4.2E:POC/RL:OF/RC:C
Environmental4.2CDP:N/TD:H/CR:ND/IR:ND/AR:ND

References

Credit

The NTP Project credits Miroslav Lichvar of Red Hat for reporting these issues.

This document was written by Joel Land.

Other Information

  • CVE IDs: CVE-2015-1798 CVE-2015-1799
  • Date Public: 07 4월 2015
  • Date First Published: 07 4월 2015
  • Date Last Updated: 09 4월 2015
  • Document Revision: 17
728x90
저작자표시 비영리 변경금지

'취약점 정보1' 카테고리의 다른 글

애플, OS X, iOS 업데이트 발표  (0) 2015.04.11
AAEH  (0) 2015.04.10
Exploiting PHP Bug #66550 - SQLite prepared statement use-after-free - [A local PHP exploit]  (0) 2015.04.03
Multiple Vulnerabilities in OpenSSL (March 2015) Affecting Cisco Products  (0) 2015.04.02
Multiple SSL certificate authorities use email addresses as proof of domain ownership  (0) 2015.03.30

'취약점 정보1' Related Articles

티스토리툴바