Description
ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.
References (14)
Core 14
Core References
Third Party Advisory vendor-advisory
x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156248.html
Third Party Advisory, VDB Entry vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-2231.html
Issue Tracking, Patch, Third Party Advisory, VDB Entry x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1210324
Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2015/dsa-3388
Third Party Advisory vendor-advisory
x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00000.html
Third Party Advisory, VDB Entry vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/74045
Vendor Advisory x_refsource_confirm
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
Issue Tracking, Third Party Advisory, Vendor Advisory x_refsource_confirm
https://bugs.ntp.org/show_bug.cgi?id=2797
Third Party Advisory, VDB Entry vendor-advisory
x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1459.html
Vendor Advisory x_refsource_confirm
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03886en_us
Third Party Advisory, Vendor Advisory x_refsource_confirm
http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=55199296N2gFqH1Hm5GOnhrk9Ypygg
Third Party Advisory vendor-advisory
x_refsource_debian
http://www.debian.org/security/2015/dsa-3223
Mailing List, Third Party Advisory mailing-list
x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/04/23/14
Scores
CVSS v3
7.5
EPSS
0.0529
EPSS Percentile
91.6%
Attack Vector
NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N
Details
CWE
CWE-331
Status
published
Products (26)
debian/debian_linux
7.0
debian/debian_linux
8.0
fedoraproject/fedora
21
ntp/ntp
4.2.8 p1 (3 CPE variants)
ntp/ntp
4.3.0
ntp/ntp
4.3.1
ntp/ntp
4.3.2
ntp/ntp
4.3.3
ntp/ntp
4.3.4
ntp/ntp
4.3.5
... and 16 more
Published
Aug 09, 2017
Tracked Since
Feb 18, 2026