vulnerability
SUSE: CVE-2015-7974: SUSE Linux Security Advisory
| Severity | CVSS | Published | Added | Modified |
|---|---|---|---|---|
| 4 | (AV:N/AC:L/Au:S/C:N/I:P/A:N) | Jan 26, 2016 | Apr 28, 2016 | Jun 22, 2021 |
Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:P/A:N)
Published
Jan 26, 2016
Added
Apr 28, 2016
Modified
Jun 22, 2021
Description
NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."
Solution(s)
suse-upgrade-ntpsuse-upgrade-ntp-docsuse-upgrade-yast2-ntp-clientsuse-upgrade-yast2-ntp-client-devel-doc
References
- SUSE-SUSE-SU-2016:1175-1
- SUSE-SUSE-SU-2016:1177-1
- SUSE-SUSE-SU-2016:1247-1
- SUSE-SUSE-SU-2016:1278-1
- SUSE-SUSE-SU-2016:1291-1
- SUSE-SUSE-SU-2016:1311-1
- SUSE-SUSE-SU-2016:1471-1
- SUSE-SUSE-SU-2016:1568-1
- SUSE-SUSE-SU-2016:1912-1
- SUSE-SUSE-SU-2016:2094-1
- DEBIAN-DLA-559-1
- DEBIAN-DSA-3629
- NVD-CVE-2015-7974
- UBUNTU-USN-3096-1
NEW
Explore Exposure Command
Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.