CVE-2014-9294

HIGH

Description

util/ntp-keygen.c in ntp-keygen in NTP before 4.2.7p230 uses a weak RNG seed, which makes it easier for remote attackers to defeat cryptographic protection mechanisms via a brute-force attack.

References

http://advisories.mageia.org/MGASA-2014-0541.html

http://bk1.ntp.org/ntp-dev/util/ntp-keygen.c?PAGE=diffs&REV=4eae1b72298KRoBQmX-y8URCiRPH5g

http://bugs.ntp.org/show_bug.cgi?id=2666

http://marc.info/?l=bugtraq&m=142469153211996&w=2

http://marc.info/?l=bugtraq&m=142590659431171&w=2

http://marc.info/?l=bugtraq&m=142853370924302&w=2

http://marc.info/?l=bugtraq&m=144182594518755&w=2

http://rhn.redhat.com/errata/RHSA-2014-2025.html

http://rhn.redhat.com/errata/RHSA-2015-0104.html

http://secunia.com/advisories/62209

http://support.ntp.org/bin/view/Main/SecurityNotice

http://www.kb.cert.org/vuls/id/852879

http://www.mandriva.com/security/advisories?name=MDVSA-2015:003

http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

http://www.securityfocus.com/bid/71762

https://bugzilla.redhat.com/show_bug.cgi?id=1176035

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04790232

https://h20564.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c04916783

https://kc.mcafee.com/corporate/index?page=content&id=SB10103

https://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20141222-ntpd

Details

Source: MITRE

Published: 2014-12-20

Updated: 2017-01-03

Type: NVD-CWE-Other

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: (AV:N/AC:L/Au:N/C:P/I:P/A:P)

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

Tenable Plugins

View all (43 total)

ID	Name	Product	Family	Severity
105085	Check Point Gaia Operating System < R77.20 Multiple NTP Client Vulnerabilities (sk103825)	Nessus	Firewalls	high
92384	F5 Networks BIG-IP : NTP vulnerability (SOL15935)	Nessus	F5 Networks Local Security Checks	high
83877	Cisco Prime LAN Management Solution ntpd Multiple Vulnerabilities	Nessus	CISCO	high
83876	Cisco Prime Data Center Network Manager ntpd Multiple Vulnerabilities (uncredentialed check)	Nessus	CISCO	high
83685	SUSE SLES10 Security Update : xntp (SUSE-SU-2015:0322-1)	Nessus	SuSE Local Security Checks	high
82683	HP-UX PHNE_44236 : s700_800 11.23 NTP timeservices upgrade plus utilities	Nessus	HP-UX Local Security Checks	high
82682	HP-UX PHNE_44235 : s700_800 11.11 NTP timeservices upgrade plus utilities	Nessus	HP-UX Local Security Checks	high
82393	Mandriva Linux Security Advisory : ntp (MDVSA-2015:140)	Nessus	Mandriva Local Security Checks	high
82099	Debian DLA-116-1 : ntp security update	Nessus	Debian Local Security Checks	high
81981	Network Time Protocol Daemon (ntpd) 4.x < 4.2.8p1 Multiple Vulnerabilities	Nessus	Misc.	high
81980	Cisco Prime Security Manager Network Time Protocol Daemon (ntpd) Multiple Vulnerabilities (cisco-sa-20141222-ntpd)	Nessus	CGI abuses	high
81913	Cisco IOS XR NCS 6000 Multiple ntpd Vulnerabilities	Nessus	CISCO	high
81912	Cisco IOS XR Multiple ntpd Vulnerabilities	Nessus	CISCO	high
81911	Cisco NX-OS Multiple ntpd Vulnerabilities	Nessus	CISCO	high
81313	SuSE 11.3 Security Update : ntp (SAT Patch Number 10293)	Nessus	SuSE Local Security Checks	high
81275	AIX 7.1 TL 3 : ntp (IV68430)	Nessus	AIX Local Security Checks	high
81274	AIX 7.1 TL 2 : ntp (IV68429)	Nessus	AIX Local Security Checks	high
81273	AIX 6.1 TL 9 : ntp (IV68428)	Nessus	AIX Local Security Checks	high
81272	AIX 5.3 TL 12 : ntp (IV68427)	Nessus	AIX Local Security Checks	high
81271	AIX 6.1 TL 8 : ntp (IV68426)	Nessus	AIX Local Security Checks	high
81071	RHEL 6 : ntp (RHSA-2015:0104)	Nessus	Red Hat Local Security Checks	high
80934	Oracle Solaris Third-Party Patch Update : ntp (multiple_vulnerabilities_in_ntp)	Nessus	Solaris Local Security Checks	high
80395	OracleVM 2.2 : ntp (OVMSA-2015-0002)	Nessus	OracleVM Local Security Checks	high
80394	OracleVM 3.2 : ntp (OVMSA-2015-0001)	Nessus	OracleVM Local Security Checks	high
80384	Mandriva Linux Security Advisory : ntp (MDVSA-2015:003)	Nessus	Mandriva Local Security Checks	high
80310	Fedora 19 : ntp-4.2.6p5-13.fc19 (2014-17395)	Nessus	Fedora Local Security Checks	high
80248	OracleVM 3.3 : ntp (OVMSA-2014-0085)	Nessus	OracleVM Local Security Checks	high
80239	GLSA-201412-34 : NTP: Multiple vulnerabilities	Nessus	Gentoo Local Security Checks	high
80237	Fedora 21 : ntp-4.2.6p5-25.fc21 (2014-17367)	Nessus	Fedora Local Security Checks	high
80218	Ubuntu 10.04 LTS / 12.04 LTS / 14.04 LTS / 14.10 : ntp vulnerabilities (USN-2449-1)	Nessus	Ubuntu Local Security Checks	high
80208	Debian DSA-3108-1 : ntp - security update	Nessus	Debian Local Security Checks	high
80204	Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : ntp (SSA:2014-356-01)	Nessus	Slackware Local Security Checks	high
80164	Scientific Linux Security Update : ntp on SL6.x, SL7.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
80163	Scientific Linux Security Update : ntp on SL5.x i386/x86_64	Nessus	Scientific Linux Local Security Checks	high
80161	RHEL 5 : ntp (RHSA-2014:2025)	Nessus	Red Hat Local Security Checks	high
80160	RHEL 6 / 7 : ntp (RHSA-2014:2024)	Nessus	Red Hat Local Security Checks	high
80155	Oracle Linux 5 : ntp (ELSA-2014-2025)	Nessus	Oracle Linux Local Security Checks	high
80154	Oracle Linux 6 / 7 : ntp (ELSA-2014-2024)	Nessus	Oracle Linux Local Security Checks	high
80149	FreeBSD : ntp -- multiple vulnerabilities (4033d826-87dd-11e4-9079-3c970e169bc2)	Nessus	FreeBSD Local Security Checks	high
80147	Fedora 20 : ntp-4.2.6p5-19.fc20 (2014-17361)	Nessus	Fedora Local Security Checks	high
80125	CentOS 5 : ntp (CESA-2014:2025)	Nessus	CentOS Local Security Checks	high
80124	CentOS 6 / 7 : ntp (CESA-2014:2024)	Nessus	CentOS Local Security Checks	high
80122	Amazon Linux AMI : ntp (ALAS-2014-462)	Nessus	Amazon Linux Local Security Checks	high