Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

ubuntu логотип

CVE-2015-3405

Опубликовано: 09 авг. 2017
Источник: ubuntu
Приоритет: medium
EPSS Низкий
CVSS2: 5
CVSS3: 7.5

Описание

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.

РелизСтатусПримечание
devel

DNE

esm-infra-legacy/trusty

released

1:4.2.6.p5+dfsg-3ubuntu2.14.04.3
lucid

ignored

precise

released

1:4.2.6.p3+dfsg-1ubuntu3.4
trusty

released

1:4.2.6.p5+dfsg-3ubuntu2.14.04.3
trusty/esm

released

1:4.2.6.p5+dfsg-3ubuntu2.14.04.3
upstream

released

4.2.8p2
utopic

released

1:4.2.6.p5+dfsg-3ubuntu2.14.10.3
vivid

released

1:4.2.6.p5+dfsg-3ubuntu5

Показывать по

Ссылки на источники

EPSS

Процентиль: 90%
0.06205
Низкий

5 Medium

CVSS2

7.5 High

CVSS3

Связанные уязвимости

redhat логотип

CVE-2015-3405

redhat
больше 10 лет назад

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.

nvd логотип

CVE-2015-3405

CVSS3: 7.5
nvd
больше 8 лет назад

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.

debian логотип

CVE-2015-3405

CVSS3: 7.5
debian
больше 8 лет назад

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 d ...

github логотип

GHSA-wwx9-mwhp-g8mc

CVSS3: 7.5
github
больше 3 лет назад

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.

suse-cvrf логотип

SUSE-SU-2015:0865-1

suse-cvrf
больше 10 лет назад

Security update for ntp

EPSS

Процентиль: 90%
0.06205
Низкий

5 Medium

CVSS2

7.5 High

CVSS3