{ "threat_severity" : "Moderate", "public_date" : "2015-10-21T00:00:00Z", "bugzilla" : { "description" : "ntp: incomplete checks in ntp_crypto.c", "id" : "1274254", "url" : "https://bugzilla.redhat.com/show_bug.cgi?id=1274254" }, "cvss" : { "cvss_base_score" : "4.0", "cvss_scoring_vector" : "AV:N/AC:H/Au:N/C:P/I:N/A:P", "status" : "verified" }, "details" : [ "The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash). NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.", "It was found that the fix for CVE-2014-9750 was incomplete: three issues were found in the value length checks in NTP's ntp_crypto.c, where a packet with particular autokey operations that contained malicious data was not always being completely validated. A remote attacker could use a specially crafted NTP packet to crash ntpd." ], "affected_release" : [ { "product_name" : "Red Hat Enterprise Linux 6", "release_date" : "2016-05-10T00:00:00Z", "advisory" : "RHSA-2016:0780", "cpe" : "cpe:/o:redhat:enterprise_linux:6", "package" : "ntp-0:4.2.6p5-10.el6" }, { "product_name" : "Red Hat Enterprise Linux 7", "release_date" : "2016-11-03T00:00:00Z", "advisory" : "RHSA-2016:2583", "cpe" : "cpe:/o:redhat:enterprise_linux:7", "package" : "ntp-0:4.2.6p5-25.el7" } ], "package_state" : [ { "product_name" : "Red Hat Enterprise Linux 5", "fix_state" : "Will not fix", "package_name" : "ntp", "cpe" : "cpe:/o:redhat:enterprise_linux:5" } ], "references" : [ "https://www.cve.org/CVERecord?id=CVE-2015-7692\nhttps://nvd.nist.gov/vuln/detail/CVE-2015-7692\nhttp://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner\nhttps://github.com/ntp-project/ntp/blob/stable/NEWS#L11" ], "name" : "CVE-2015-7692", "mitigation" : { "value" : "Disable NTP autokey authentication by removing, or commenting out, all configuration directives beginning with the 'crypto' keyword in your ntp.conf file.", "lang" : "en:us" }, "csaw" : false }