CVE-2015-7871

HIGH

Description

Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.

References

https://bugzilla.redhat.com/show_bug.cgi?id=1274265

http://www.securityfocus.com/bid/77287

http://support.ntp.org/bin/view/Main/NtpBug2941

https://security.gentoo.org/glsa/201607-15

https://security.gentoo.org/glsa/201604-03

https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839

http://www.securitytracker.com/id/1033951

http://www.debian.org/security/2015/dsa-3388

https://security.netapp.com/advisory/ntap-20171004-0001/

https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf

Details

Source: MITRE

Published: 2017-08-07

Updated: 2021-04-13

Type: CWE-287

Risk Information

CVSS v2.0

Base Score: 7.5

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Impact Score: 6.4

Exploitability Score: 10

Severity: HIGH

CVSS v3.0

Base Score: 9.8

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Impact Score: 5.9

Exploitability Score: 3.9

Severity: CRITICAL

Vulnerable Software

Configuration 1

OR

cpe:2.3:a:ntp:ntp:4.2.5:p186:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p187:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p188:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p189:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p190:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p191:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p192:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p193:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p194:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p195:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p196:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p197:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p198:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p199:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p200:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p201:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p202:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p203:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p204:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p205:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p206:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p207:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p208:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p209:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p210:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p211:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p212:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p213:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p214:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p215:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p216:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p217:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p218:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p219:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p220:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p221:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p222:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p223:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p224:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p225:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p226:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p227:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p228:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p229:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p230:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p231_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p232_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p233_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p234_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p235_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p236_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p237_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p238_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p239_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p240_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p241_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p242_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p243_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p244_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p245_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p246_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p247_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p248_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p249_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.5:p250_rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p1-beta1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p1-beta2:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p1-beta3:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p1-beta4:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p1-beta5:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p1-rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p1-rc2:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p2:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p2-rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p2-rc2:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p2-rc3:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p3:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p3-rc1:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p3-rc2:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:4.2.8:p3-rc3:*:*:*:*:*:*

cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:9.0:*:*:*:*:*:*:*

Configuration 3

OR

cpe:2.3:a:netapp:oncommand_balance:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:oncommand_performance_manager:-:*:*:*:*:*:*:*

cpe:2.3:a:netapp:oncommand_unified_manager:-:*:*:*:*:clustered_data_ontap:*:*

cpe:2.3:o:netapp:clustered_data_ontap:-:*:*:*:*:*:*:*

cpe:2.3:o:netapp:data_ontap:-:*:*:*:*:7-mode:*:*

Tenable Plugins

View all (24 total)

IDNameProductFamilySeverity
129259EulerOS 2.0 SP3 : ntp (EulerOS-SA-2019-2066)NessusHuawei Local Security Checks
high
126847EulerOS 2.0 SP2 : ntp (EulerOS-SA-2019-1719)NessusHuawei Local Security Checks
high
125010EulerOS Virtualization 3.0.1.0 : ntp (EulerOS-SA-2019-1557)NessusHuawei Local Security Checks
high
123908EulerOS Virtualization 2.5.3 : ntp (EulerOS-SA-2019-1222)NessusHuawei Local Security Checks
high
106497pfSense < 2.2.5 Multiple Vulnerabilities (SA-15_08)NessusFirewalls
high
93186SUSE SLES10 Security Update : ntp (SUSE-SU-2016:1912-1)NessusSuSE Local Security Checks
high
92485GLSA-201607-15 : NTP: Multiple vulnerabilitiesNessusGentoo Local Security Checks
high
91403openSUSE Security Update : ntp (openSUSE-2016-649)NessusSuSE Local Security Checks
high
91248SUSE SLES11 Security Update : ntp (SUSE-SU-2016:1311-1)NessusSuSE Local Security Checks
high
90991SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2016:1247-1)NessusSuSE Local Security Checks
high
90380GLSA-201604-03 : Xen: Multiple vulnerabilities (Venom)NessusGentoo Local Security Checks
high
89510Fedora 22 : ntp-4.2.6p5-36.fc22 (2016-34bc10a2c8)NessusFedora Local Security Checks
high
89461Fedora 23 : ntp-4.2.6p5-34.fc23 (2015-f5f5ec7b6b)NessusFedora Local Security Checks
high
89288Fedora 21 : ntp-4.2.6p5-34.fc21 (2015-77bfbc1bcd)NessusFedora Local Security Checks
high
88439F5 Networks BIG-IP : NTP vulnerability (SOL17518)NessusF5 Networks Local Security Checks
high
87010SUSE SLED11 / SLES11 Security Update : ntp (SUSE-SU-2015:2058-1)NessusSuSE Local Security Checks
high
86964openSUSE Security Update : ntp (openSUSE-2015-767)NessusSuSE Local Security Checks
high
86682Debian DSA-3388-1 : ntp - security updateNessusDebian Local Security Checks
high
86664Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : ntp (SSA:2015-302-03)NessusSlackware Local Security Checks
high
86640Debian DLA-335-1 : ntp security updateNessusDebian Local Security Checks
high
86638Amazon Linux AMI : ntp (ALAS-2015-607)NessusAmazon Linux Local Security Checks
high
86631Network Time Protocol Daemon (ntpd) 3.x / 4.x < 4.2.8p4 Multiple VulnerabilitiesNessusMisc.
high
86630Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : ntp vulnerabilities (USN-2783-1)NessusUbuntu Local Security Checks
high
86519FreeBSD : ntp -- 13 low- and medium-severity vulnerabilities (c4a18a12-77fc-11e5-a687-206a8a720317)NessusFreeBSD Local Security Checks
high