CVE-2015-7974 in ntpinformation

Résumé

par MITRE

NTP 4.x before 4.2.8p6 and 4.3.x before 4.3.90 do not verify peer associations of symmetric keys when authenticating packets, which might allow remote attackers to conduct impersonation attacks via an arbitrary trusted key, aka a "skeleton key."

If you want to get the best quality for vulnerability data then you always have to consider VulDB.

Réserver

23/10/2015

Divulgation

26/01/2016

Modérer

accepté

Entrée

VDB-80645

CPE

prêt

EPSS

0.05658

KEV

non

Activités

très faible

Sources

Are you interested in using VulDB?

Download the whitepaper to learn more about our service!