SecurityTracker.com
Category:   Application (Generic)  >   Ntpd
Vendors:   Mills, David L. et al
Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication
SecurityTracker Alert ID:  1032032
SecurityTracker URL:  http://securitytracker.com/id/1032032
CVE Reference:   CVE-2015-1798
Date:  Apr 7 2015
Impact:   Host/resource access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Exploit Included:  Yes
Version(s): 4.2.5p99 and after, prior to 4.2.8p2
Description:   A vulnerability was reported in Ntpd. A remote user can bypass authentication on the target system.

When configured for symmetric key authentication, the system accepts packets that do not contain a message authentication code (MAC) as valid packets. A remote user with the ability to conduct a man-in-the-middle attack can send a specially crafted spoofed packet that does not contain a MAC value to bypass authentication.

Authentication using autokey is not affected.

Miroslav Lichvar of Red Hat reported this vulnerability.
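
The receive-side rule this advisory turns on, as an added example (a simplified Python model, not ntpd's code and not part of the original advisory): on an association configured with a symmetric key, a packet with no MAC must be treated as an authentication failure. The function names, the `peer_key_id` parameter and the sample key are assumptions of this example; extension fields are not modelled.

```python
import hashlib
import hmac
import struct

HEADER_LEN = 48               # fixed NTP header, extension fields not modelled
DIGEST_LENS = (16, 20)        # MD5 or SHA-1 digest following the 4-byte key ID


def classify(packet: bytes) -> str:
    """Classify a packet by what follows the 48-byte header."""
    extra = len(packet) - HEADER_LEN
    if extra < 0:
        return "short"
    if extra == 0:
        return "no-mac"
    if extra == 4:
        return "crypto-nak"   # key ID only, no digest
    if extra - 4 in DIGEST_LENS:
        return "mac"
    return "other"


def make_mac(key_id: int, key: bytes, header: bytes) -> bytes:
    """Key ID plus MD5(key || header), the classic NTP symmetric-key MAC."""
    return struct.pack("!I", key_id) + hashlib.md5(key + header).digest()


def accept(packet: bytes, keys: dict, peer_key_id=None) -> bool:
    """Return True only if the packet satisfies the association's auth policy.

    peer_key_id is None for an unauthenticated association; otherwise it is
    the key ID the association was configured with (hypothetical parameter).
    """
    kind = classify(packet)
    if peer_key_id is None:
        return kind == "no-mac"   # this model accepts only bare packets here
    # Keyed association: a missing MAC is a failure, not "nothing to check".
    if kind != "mac":
        return False
    header, mac = packet[:HEADER_LEN], packet[HEADER_LEN:]
    key = keys.get(peer_key_id)
    if key is None:
        return False
    return hmac.compare_digest(mac, make_mac(peer_key_id, key, header))
```

Dropping the `kind != "mac"` rejection for keyed associations reproduces the behaviour described above: a 48-byte packet with no MAC would pass without any key being consulted.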

Impact:   A remote user can bypass authentication on the target system.
Solution:   The vendor has issued a fix (4.2.8p2).

The vendor's advisory is available at:

http://support.ntp.org/bin/view/Main/SecurityNotice#ntpd_accepts_unauthenticated_pac

Vendor URL:  support.ntp.org/bin/view/Main/SecurityNotice#ntpd_accepts_unauthenticated_pac
Cause:   Authentication error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Apr 7 2015 (FreeBSD Issues Fix) Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication
FreeBSD has issued a fix for FreeBSD 8.4, 9.3, and 10.1.
Apr 10 2015 (Cisco Issues Fix for Cisco WebEx Meetings Server) Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication
Cisco has issued a fix for Cisco WebEx Meetings Server.
Apr 10 2015 (Cisco Issues Advisory for Cisco IOS/IOS XE) Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication
Cisco has issued an advisory for Cisco IOS and IOS XE.
Apr 10 2015 (Cisco Issues Advisory for Cisco ASA CX) Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication
Cisco has issued an advisory for Cisco ASA CX.
Apr 10 2015 (Cisco Issues Advisory for Cisco Prime Security Manager) Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication
Cisco has issued an advisory for Cisco Prime Security Manager.
Apr 10 2015 (Cisco Issues Advisory for Cisco Intrusion Prevention System) Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication
Cisco has issued an advisory for Cisco Intrusion Prevention System.
Apr 10 2015 (Cisco Issues Advisory for Cisco Prime Collaboration Assurance) Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication
Cisco has issued an advisory for Cisco Prime Collaboration Assurance.
Apr 10 2015 (Cisco Issues Advisory for Cisco UCS Central) Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication
Cisco has issued an advisory for Cisco UCS Central.
Apr 10 2015 (Cisco Issues Advisory for Cisco MDS 9000) Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication
Cisco has issued an advisory for Cisco MDS 9000.
Apr 10 2015 (Cisco Issues Fix for Cisco Nexus 1000V/7000) Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication
Cisco has issued an advisory for Cisco Nexus 1000V and 7000.
Apr 14 2015 (Ubuntu Issues Fix) Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication
Ubuntu has issued a fix for Ubuntu 12.04 LTS, 14.04 LTS, and 14.10.
May 5 2015 (McAfee Issues Fix for McAfee Asset Manager) Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication
McAfee has issued a fix for McAfee Asset Manager.
May 20 2015 (HP Issues Fix for HP-UX) Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication
HP has issued a fix for HP-UX 11.31.
Jul 11 2015 (McAfee Issues Fix for McAfee Firewall Enterprise) Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication
McAfee has issued a fix for McAfee Firewall Enterprise.
Jul 24 2015 (Red Hat Issues Fix) Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication
Red Hat has issued a fix for Red Hat Enterprise Linux 6.
Nov 24 2015 (Oracle Issues Fix for Oracle Linux) Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication
Oracle has issued a fix for Oracle Linux 7.
Nov 25 2015 (Red Hat Issues Fix) Ntpd MAC Checking Failure Lets Remote Users Bypass Authentication
Red Hat has issued a fix for Red Hat Enterprise Linux 7.




Copyright 2019, SecurityGlobal.net LLC