vulnerability

SUSE: CVE-2015-7974: SUSE Linux Security Advisory

Severity
4
CVSS
(AV:N/AC:L/Au:S/C:N/I:P/A:N)
Published
Jan 26, 2016
Added
Apr 28, 2016
Modified
Jun 22, 2021

Description

NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."

Solution(s)

suse-upgrade-ntpsuse-upgrade-ntp-docsuse-upgrade-yast2-ntp-clientsuse-upgrade-yast2-ntp-client-devel-doc
Title
NEW

Explore Exposure Command

Confidently identify and prioritize exposures from endpoint to cloud with full attack surface visibility and threat-aware risk context.