Vulnerability   
Search   
    Search 219043 CVE descriptions
and 99761 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.0.105668
Category:CISCO
Title:Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Summary:Multiple Cisco products incorporate a version of the ntpd package.; Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated,; remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a; device acting as a network time protocol (NTP) server.;; On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS; vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker; gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows:;; - CVE-2015-7691 - Denial of Service AutoKey Malicious Message;; - CVE-2015-7692 - Denial of Service AutoKey Malicious Message;; - CVE-2015-7701 - Denial of Service CRYPTO_ASSOC Memory Leak;; - CVE-2015-7702 - Denial of Service AutoKey Malicious Message;; - CVE-2015-7703 - Configuration Directive File Overwrite Vulnerability;; - CVE-2015-7704 - Denial of Service by Spoofed Kiss-o'-Death;; - CVE-2015-7705 - Denial of Service by Priming the Pump;; - CVE-2015-7848 - Network Time Protocol ntpd Multiple Integer Overflow Read Access Violations;; - CVE-2015-7849 - Network Time Protocol Trusted Keys Memory Corruption Vulnerability;; - CVE-2015-7850 - Network Time Protocol Remote Configuration Denial of Service Vulnerability;; - CVE-2015-7851 - Network Time Protocol ntpd saveconfig Directory Traversal Vulnerability;; - CVE-2015-7852 - Network Time Protocol ntpq atoascii Memory Corruption Vulnerability;; - CVE-2015-7853 - Network Time Protocol Reference Clock Memory Corruption Vulnerability;; - CVE-2015-7854 - Network Time Protocol Password Length Memory Corruption Vulnerability;; - CVE-2015-7855 - Denial of Service Long Control Packet Message;; - CVE-2015-7871 - NAK to the Future: NTP Symmetric Association Authentication Bypass Vulnerability;; Cisco will release software updates that address these vulnerabilities.;; Workarounds that mitigate one or more of the vulnerabilities may be available for certain products, please see the individual Cisco Bug IDs for details.
Description:Summary:
Multiple Cisco products incorporate a version of the ntpd package.
Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated,
remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a
device acting as a network time protocol (NTP) server.

On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS
vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker
gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows:

- CVE-2015-7691 - Denial of Service AutoKey Malicious Message

- CVE-2015-7692 - Denial of Service AutoKey Malicious Message

- CVE-2015-7701 - Denial of Service CRYPTO_ASSOC Memory Leak

- CVE-2015-7702 - Denial of Service AutoKey Malicious Message

- CVE-2015-7703 - Configuration Directive File Overwrite Vulnerability

- CVE-2015-7704 - Denial of Service by Spoofed Kiss-o'-Death

- CVE-2015-7705 - Denial of Service by Priming the Pump

- CVE-2015-7848 - Network Time Protocol ntpd Multiple Integer Overflow Read Access Violations

- CVE-2015-7849 - Network Time Protocol Trusted Keys Memory Corruption Vulnerability

- CVE-2015-7850 - Network Time Protocol Remote Configuration Denial of Service Vulnerability

- CVE-2015-7851 - Network Time Protocol ntpd saveconfig Directory Traversal Vulnerability

- CVE-2015-7852 - Network Time Protocol ntpq atoascii Memory Corruption Vulnerability

- CVE-2015-7853 - Network Time Protocol Reference Clock Memory Corruption Vulnerability

- CVE-2015-7854 - Network Time Protocol Password Length Memory Corruption Vulnerability

- CVE-2015-7855 - Denial of Service Long Control Packet Message

- CVE-2015-7871 - NAK to the Future: NTP Symmetric Association Authentication Bypass Vulnerability

Cisco will release software updates that address these vulnerabilities.

Workarounds that mitigate one or more of the vulnerabilities may be available for certain products, please see the individual Cisco Bug IDs for details.

Solution:
See the referenced vendor advisory for a solution.

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2015-7848
BugTraq ID: 77275
http://www.securityfocus.com/bid/77275
https://security.gentoo.org/glsa/201607-15
http://www.talosintelligence.com/reports/TALOS-2015-0052/
http://www.securitytracker.com/id/1033951
Common Vulnerability Exposure (CVE) ID: CVE-2015-7849
BugTraq ID: 77276
http://www.securityfocus.com/bid/77276
Common Vulnerability Exposure (CVE) ID: CVE-2015-7850
BugTraq ID: 77279
http://www.securityfocus.com/bid/77279
Debian Security Information: DSA-3388 (Google Search)
http://www.debian.org/security/2015/dsa-3388
Common Vulnerability Exposure (CVE) ID: CVE-2015-7851
http://support.ntp.org/bin/view/Main/NtpBug2918
http://support.ntp.org/bin/view/Main/SecurityNotice
http://www.talosintel.com/reports/TALOS-2015-0062/
Common Vulnerability Exposure (CVE) ID: CVE-2015-7852
BugTraq ID: 77288
http://www.securityfocus.com/bid/77288
RedHat Security Advisories: RHSA-2016:0780
http://rhn.redhat.com/errata/RHSA-2016-0780.html
RedHat Security Advisories: RHSA-2016:2583
http://rhn.redhat.com/errata/RHSA-2016-2583.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-7853
BugTraq ID: 77273
http://www.securityfocus.com/bid/77273
Bugtraq: 20151022 Cisco Security Advisory: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015 (Google Search)
http://www.securityfocus.com/archive/1/536737/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/536737/100/100/threaded
Bugtraq: 20151026 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp (Google Search)
http://www.securityfocus.com/archive/1/536760/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/536760/100/100/threaded
Bugtraq: 20151029 [slackware-security] ntp (SSA:2015-302-03) (Google Search)
http://www.securityfocus.com/archive/1/536796/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/536796/100/100/threaded
Bugtraq: 20151104 FreeBSD Security Advisory FreeBSD-SA-15:25.ntp [REVISED] (Google Search)
http://www.securityfocus.com/archive/1/536833/100/0/threaded
http://www.securityfocus.com/archive/1/archive/1/536833/100/100/threaded
Cisco Security Advisory: 20151021 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20151021-ntp
http://packetstormsecurity.com/files/134082/FreeBSD-Security-Advisory-ntp-Authentication-Bypass.html
http://packetstormsecurity.com/files/134137/Slackware-Security-Advisory-ntp-Updates.html
http://www.talosintel.com/vulnerability-reports/
https://us-cert.cisa.gov/ics/advisories/icsa-21-159-11
SuSE Security Announcement: SUSE-SU-2016:1247 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html
SuSE Security Announcement: SUSE-SU-2016:1311 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html
SuSE Security Announcement: SUSE-SU-2016:1912 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
SuSE Security Announcement: SUSE-SU-2016:2094 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
SuSE Security Announcement: openSUSE-SU-2015:2016 (Google Search)
http://lists.opensuse.org/opensuse-updates/2015-11/msg00093.html
SuSE Security Announcement: openSUSE-SU-2016:1423 (Google Search)
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
http://www.ubuntu.com/usn/USN-2783-1
Common Vulnerability Exposure (CVE) ID: CVE-2015-7854
BugTraq ID: 77277
http://www.securityfocus.com/bid/77277
Common Vulnerability Exposure (CVE) ID: CVE-2015-7871
BugTraq ID: 77287
http://www.securityfocus.com/bid/77287
https://security.gentoo.org/glsa/201604-03
Common Vulnerability Exposure (CVE) ID: CVE-2015-7704
BugTraq ID: 77280
http://www.securityfocus.com/bid/77280
CERT/CC vulnerability note: VU#718152
https://www.kb.cert.org/vuls/id/718152
https://eprint.iacr.org/2015/1020.pdf
https://www.cs.bu.edu/~goldbe/NTPattack.html
RedHat Security Advisories: RHSA-2015:1930
http://rhn.redhat.com/errata/RHSA-2015-1930.html
RedHat Security Advisories: RHSA-2015:2520
http://rhn.redhat.com/errata/RHSA-2015-2520.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-7705
BugTraq ID: 77284
http://www.securityfocus.com/bid/77284
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
SuSE Security Announcement: SUSE-SU-2016:1278 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00034.html
SuSE Security Announcement: SUSE-SU-2016:1291 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00037.html
SuSE Security Announcement: SUSE-SU-2016:1471 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00001.html
SuSE Security Announcement: SUSE-SU-2016:1568 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-06/msg00020.html
SuSE Security Announcement: openSUSE-SU-2016:1329 (Google Search)
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00052.html
Common Vulnerability Exposure (CVE) ID: CVE-2015-7703
BugTraq ID: 77278
http://www.securityfocus.com/bid/77278
Common Vulnerability Exposure (CVE) ID: CVE-2015-7701
BugTraq ID: 77281
http://www.securityfocus.com/bid/77281
Common Vulnerability Exposure (CVE) ID: CVE-2015-7855
BugTraq ID: 77283
http://www.securityfocus.com/bid/77283
https://www.exploit-db.com/exploits/40840/
Common Vulnerability Exposure (CVE) ID: CVE-2015-7691
BugTraq ID: 77274
http://www.securityfocus.com/bid/77274
Common Vulnerability Exposure (CVE) ID: CVE-2015-7692
BugTraq ID: 77285
http://www.securityfocus.com/bid/77285
Common Vulnerability Exposure (CVE) ID: CVE-2015-7702
BugTraq ID: 77286
http://www.securityfocus.com/bid/77286
CopyrightCopyright (C) 2016 Greenbone Networks GmbH

This is only one of 99761 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.




© 1998-2024 E-Soft Inc. All rights reserved.