CVE-2015-7974
First published: Tue Jan 26 2016(Updated: )
NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."
Credit: cve@mitre.org
| Affected Software | Affected Version | How to fix |
|---|---|---|
| debian/ntp | 1:4.2.8p12+dfsg-4 1:4.2.8p15+dfsg-1 | |
| Siemens TIM 4R-IE | ||
| Siemens TIM 4R-IE DNP3 | ||
| NTP | >=4.2.0<4.2.8 | |
| NTP | >=4.3.0<4.3.90 | |
| NTP | =4.2.8 | |
| NTP | =4.2.8-p1 | |
| NTP | =4.2.8-p1-beta1 | |
| NTP | =4.2.8-p1-beta2 | |
| NTP | =4.2.8-p1-beta3 | |
| NTP | =4.2.8-p1-beta4 | |
| NTP | =4.2.8-p1-beta5 | |
| NTP | =4.2.8-p1-rc1 | |
| NTP | =4.2.8-p1-rc2 | |
| NTP | =4.2.8-p2 | |
| NTP | =4.2.8-p2-rc1 | |
| NTP | =4.2.8-p2-rc2 | |
| NTP | =4.2.8-p2-rc3 | |
| NTP | =4.2.8-p3 | |
| NTP | =4.2.8-p3-rc1 | |
| NTP | =4.2.8-p3-rc2 | |
| NTP | =4.2.8-p3-rc3 | |
| NTP | =4.2.8-p4 | |
| NTP | =4.2.8-p5 | |
| Siemens TIM 4R-IE DNP3 | ||
| siemens SIMATIC TIM 4R-IE | ||
| Siemens TIM 4R-IE | ||
| Siemens TIM 4R-IE | ||
| IBM Data ONTAP | ||
| NetApp OnCommand Balance | ||
| Debian Linux | =8.0 | |
| Debian Linux | =9.0 |
Never miss a vulnerability like this again
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
Reference Links
- http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p6_Securit
- http://support.ntp.org/bin/view/Main/NtpBug2936
- https://security-tracker.debian.org/tracker/CVE-2015-7974
- http://bugs.ntp.org/show_bug.cgi?id=2936
- http://rhn.redhat.com/errata/RHSA-2016-2583.html
- http://www.debian.org/security/2016/dsa-3629
- http://www.securityfocus.com/bid/81960
- http://www.securitytracker.com/id/1034782
- http://www.talosintel.com/reports/TALOS-2016-0071/
- https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us
- https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us
- https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
- https://security.gentoo.org/glsa/201607-15
- https://security.netapp.com/advisory/ntap-20171031-0001/
- https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
- https://www.cisa.gov/news-events/ics-advisories/icsa-21-103-11 (Advisory)
Frequently Asked Questions
What is the severity of CVE-2015-7974?
CVE-2015-7974 is classified as a medium severity vulnerability due to the risk of impersonation attacks.
How do I fix CVE-2015-7974?
To fix CVE-2015-7974, upgrade your NTP software to version 4.2.8p12 or later, or 4.3.90 or later.
What software versions are affected by CVE-2015-7974?
CVE-2015-7974 affects NTP versions before 4.2.8p6 and 4.3.x before 4.3.90.
Can CVE-2015-7974 lead to remote attacks?
Yes, CVE-2015-7974 can allow remote attackers to conduct impersonation attacks using an arbitrary trusted key.
Is there a workaround for CVE-2015-7974?
There is no specific workaround for CVE-2015-7974; patching the software is the recommended solution.
- collector/security-tracker-debian
- agent/type
- agent/weakness
- agent/references
- agent/severity
- agent/author
- agent/description
- collector/mitre-cve
- source/MITRE
- agent/last-modified-date
- agent/first-publish-date
- agent/event
- agent/trending
- agent/source
- collector/ics-cert-advisory
- source/ICS
- agent/software-canonical-lookup
- agent/software-canonical-lookup-request
- agent/tags
- agent/softwarecombine
- collector/nvd-index
- package-manager/debian
- vendor/siemens
- canonical/siemens tim 4r-ie
- canonical/siemens tim 4r-ie dnp3
- vendor/ntp
- canonical/ntp
- version/ntp/4.2.0
- version/ntp/4.3.0
- version/ntp/4.2.8
- version/ntp/4.2.8-p1
- version/ntp/4.2.8-p1-beta1
- version/ntp/4.2.8-p1-beta2
- version/ntp/4.2.8-p1-beta3
- version/ntp/4.2.8-p1-beta4
- version/ntp/4.2.8-p1-beta5
- version/ntp/4.2.8-p1-rc1
- version/ntp/4.2.8-p1-rc2
- version/ntp/4.2.8-p2
- version/ntp/4.2.8-p2-rc1
- version/ntp/4.2.8-p2-rc2
- version/ntp/4.2.8-p2-rc3
- version/ntp/4.2.8-p3
- version/ntp/4.2.8-p3-rc1
- version/ntp/4.2.8-p3-rc2
- version/ntp/4.2.8-p3-rc3
- version/ntp/4.2.8-p4
- version/ntp/4.2.8-p5
- canonical/siemens simatic tim 4r-ie
- vendor/netapp
- canonical/ibm data ontap
- canonical/netapp oncommand balance
- vendor/debian
- canonical/debian linux
- version/debian linux/8.0
- version/debian linux/9.0