Vulnerability Details : CVE-2015-3405
ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.
Products affected by CVE-2015-3405
- cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
- cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_scientific_computing:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_power_big_endian:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_for_ibm_z_systems:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:redhat:enterprise_linux_server_from_rhui_6:6.0:*:*:*:*:*:*:*
- cpe:2.3:o:suse:suse_linux_enterprise_server:11.0:sp3:*:*:*:vmware:*:*
- cpe:2.3:a:ntp:ntp:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.9:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.10:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.11:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*
- cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
- cpe:2.3:o:opensuse:suse_linux_enterprise_server:11.0:sp3:*:*:*:*:*:*
- cpe:2.3:o:opensuse_project:suse_linux_enterprise_desktop:11.0:sp3:*:*:*:*:*:*
Exploit prediction scoring system (EPSS) score for CVE-2015-3405
0.87%
Probability of exploitation activity in the next 30 days
EPSS Score History
~ 82 %
Percentile, the proportion of vulnerabilities that are scored at or less
CVSS scores for CVE-2015-3405
Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source | First Seen |
---|---|---|---|---|---|---|
5.0
|
MEDIUM | AV:N/AC:L/Au:N/C:P/I:N/A:N |
10.0
|
2.9
|
NIST | |
7.5
|
HIGH | CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N |
3.9
|
3.6
|
NIST |
CWE ids for CVE-2015-3405
-
The product uses an algorithm or scheme that produces insufficient entropy, leaving patterns or clusters of values that are more likely to occur than others.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-3405
-
http://rhn.redhat.com/errata/RHSA-2015-1459.html
RHSA-2015:1459 - Security Advisory - Red Hat Customer PortalThird Party Advisory;VDB Entry
-
http://www.securityfocus.com/bid/74045
NTP 'ntp-keygen.c' Predictable Random Number Generator WeaknessThird Party Advisory;VDB Entry
-
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00000.html
[security-announce] SUSE-SU-2015:1173-1: important: Security update forThird Party Advisory
-
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.html
Oracle Solaris Third Party Bulletin - April 2015
-
https://bugs.ntp.org/show_bug.cgi?id=2797
Bug 2797 – ntp-keygen trapped in endless loop for MD5 keys on big-endian machinesIssue Tracking;Third Party Advisory;Vendor Advisory
-
http://rhn.redhat.com/errata/RHSA-2015-2231.html
RHSA-2015:2231 - Security Advisory - Red Hat Customer PortalThird Party Advisory;VDB Entry
-
http://www.openwall.com/lists/oss-security/2015/04/23/14
oss-security - Re: CVE request: ntp-keygen may generate non-random symmetric keys on big-endian systemsMailing List;Third Party Advisory
-
http://www.debian.org/security/2015/dsa-3388
Debian -- Security Information -- DSA-3388-1 ntpThird Party Advisory
-
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156248.html
[SECURITY] Fedora 21 Update: ntp-4.2.6p5-30.fc21Third Party Advisory
-
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.html
Oracle Linux Bulletin - October 2015
-
https://bugzilla.redhat.com/show_bug.cgi?id=1210324
1210324 – (CVE-2015-3405) CVE-2015-3405 ntp: ntp-keygen may generate non-random symmetric keys on big-endian systemsIssue Tracking;Patch;Third Party Advisory;VDB Entry
-
http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=55199296N2gFqH1Hm5GOnhrk9Ypygg
All diffs for ChangeSet 1.3308.4.1Third Party Advisory;Vendor Advisory
-
https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03886en_us
HPESBHF03886 rev.1 - HPE Comware 5 and Comware 7 Switches and Routers using NTP, Remote Denial of Service
-
http://www.debian.org/security/2015/dsa-3223
Debian -- Security Information -- DSA-3223-1 ntpThird Party Advisory
Jump to