CVE-2015-7974

HIGH

NTP <4.2.8p6-4.3.90 - Privilege Escalation

Title source: llm

Description

NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."

References (14)

[Issue Tracking, Vendor Advisory] http://bugs.ntp.org/show_bug.cgi?id=2936

[Third Party Advisory] http://rhn.redhat.com/errata/RHSA-2016-2583.html

[Vendor Advisory] http://support.ntp.org/bin/view/Main/NtpBug2936

[Third Party Advisory] http://www.debian.org/security/2016/dsa-3629

[Third Party Advisory, VDB Entry] http://www.securityfocus.com/bid/81960

[Third Party Advisory, VDB Entry] http://www.securitytracker.com/id/1034782

[Exploit, Third Party Advisory] http://www.talosintel.com/reports/TALOS-2016-0071/

[Third Party Advisory] https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf

[Third Party Advisory] https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us

[Third Party Advisory] https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us

[Third Party Advisory] https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc

[Third Party Advisory] https://security.gentoo.org/glsa/201607-15

[Third Party Advisory] https://security.netapp.com/advisory/ntap-20171031-0001/

[Third Party Advisory, US Government Resource] https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11

Scores

CVSS v3 7.7

EPSS 0.0783

EPSS Percentile 91.9%

Attack Vector NETWORK

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N

Classification

CWE

CWE-287

Status draft

Affected Products (26)

ntp/ntp < 4.2.8

ntp/ntp

... and 11 more

Timeline

Published Jan 26, 2016

Tracked Since Feb 18, 2026