CVE-2015-3405

HIGH

ntp <4.2.8p2-RC2, <4.3.12 - Info Disclosure

Title source: llm
STIX 2.1

Description

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.

References (14)

Core 14
Core References
Third Party Advisory vendor-advisory x_refsource_fedora
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156248.html
Third Party Advisory, VDB Entry vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-2231.html
Issue Tracking, Patch, Third Party Advisory, VDB Entry x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1210324
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2015/dsa-3388
Third Party Advisory vendor-advisory x_refsource_suse
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00000.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/74045
Issue Tracking, Third Party Advisory, Vendor Advisory x_refsource_confirm
https://bugs.ntp.org/show_bug.cgi?id=2797
Third Party Advisory, VDB Entry vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2015-1459.html
Third Party Advisory, Vendor Advisory x_refsource_confirm
http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=55199296N2gFqH1Hm5GOnhrk9Ypygg
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2015/dsa-3223
Mailing List, Third Party Advisory mailing-list x_refsource_mlist
http://www.openwall.com/lists/oss-security/2015/04/23/14

Scores

CVSS v3 7.5
EPSS 0.0529
EPSS Percentile 91.6%
Attack Vector NETWORK
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N

Details

CWE
CWE-331
Status published
Products (26)
debian/debian_linux 7.0
debian/debian_linux 8.0
fedoraproject/fedora 21
ntp/ntp 4.2.8 p1 (3 CPE variants)
ntp/ntp 4.3.0
ntp/ntp 4.3.1
ntp/ntp 4.3.2
ntp/ntp 4.3.3
ntp/ntp 4.3.4
ntp/ntp 4.3.5
... and 16 more
Published Aug 09, 2017
Tracked Since Feb 18, 2026