CVE-2015-7871

Опубликовано: 21 окт. 2015

Источник: redhat

CVSS2: 6.4

Описание

Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.

This issue did not affect the versions of ntp as shipped with Red Hat Enterprise Linux 5, 6, and 7.

Платформа	Пакет	Состояние
Red Hat Enterprise Linux 5	ntp	Not affected
Red Hat Enterprise Linux 6	ntp	Not affected
Red Hat Enterprise Linux 7	ntp	Not affected

Показывать по

Статус:

Important

Дефект:

CWE-305

https://bugzilla.redhat.com/show_bug.cgi?id=1274265ntp: crypto-NAK symmetric association authentication bypass vulnerability

6.4 Medium

CVSS2

CVE-2015-7871

CVSS3: 9.8

ubuntu

больше 8 лет назад

Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.

CVE-2015-7871

CVSS3: 9.8

nvd

больше 8 лет назад

Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.

CVE-2015-7871

CVSS3: 9.8

debian

больше 8 лет назад

Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x befo ...

GHSA-mxc3-mjx4-gjc9

CVSS3: 9.8

github

больше 3 лет назад

Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.

BDU:2017-02015

fstec

больше 10 лет назад

Уязвимость пакетов Crypto-NAK демон-программы ntpd протокола сетевого времени NTP, позволяющая нарушителю обойти процедуру аутентификации

6.4 Medium

CVSS2