vulnerability

Red Hat: CVE-2015-7974: Moderate: ntp security and bug fix update (RHSA-2016:2583)

Try Surface Command

Back to search

Severity	CVSS	Published	Added	Modified
4	(AV:N/AC:L/Au:S/C:N/I:P/A:N)	2016-01-26	2016-11-04	2020-06-22

Severity

CVSS

(AV:N/AC:L/Au:S/C:N/I:P/A:N)

Published

2016-01-26

Added

2016-11-04

Modified

2020-06-22

Description

NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."

Solution(s)

redhat-upgrade-ntpredhat-upgrade-ntp-debuginforedhat-upgrade-ntp-docredhat-upgrade-ntp-perlredhat-upgrade-ntpdateredhat-upgrade-sntp

References

REDHAT-RHSA-2016:2583
DEBIAN-DLA-559-1
DEBIAN-DSA-3629
BID-81960
SECTRACK-1034782
FREEBSD-FreeBSD-SA-16:09
GENTOO-GLSA-201607-15
NVD-CVE-2015-7974
UBUNTU-USN-3096-1

NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.

Try it today