exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New
Showing 1 - 5 of 5 RSS Feed

CVE-2015-5300

Status Candidate

Overview

The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).

Related Files

Slackware Security Advisory - ntp Updates
Posted Feb 25, 2016
Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory
systems | linux, slackware
advisories | CVE-2015-5300, CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7976, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8138, CVE-2015-8158
SHA-256 | 37713e13555f43d3a710763934080ccf84cfd0f0cb9b3f3824fd084a85878b2c
FreeBSD Security Advisory - FreeBSD-SA-16:02.ntp
Posted Jan 15, 2016
Authored by Network Time Foundation

FreeBSD Security Advisory - The ntpd(8) daemon has a safety feature to prevent excessive stepping of the clock called the "panic threshold". If ever ntpd(8) determines the system clock is incorrect by more than this threshold, the daemon exits. There is an implementation error within the ntpd(8) implementation of this feature, which allows the system time be adjusted in certain circumstances. When ntpd(8) is started with the '-g' option specified, the system time will be corrected regardless of if the time offset exceeds the panic threshold (by default, 1000 seconds). The FreeBSD rc(8) subsystem allows specifying the '-g' option by either including '-g' in the ntpd_flags list or by enabling ntpd_sync_on_start in the system rc.conf(5) file. If at the moment ntpd(8) is restarted, an attacker can immediately respond to enough requests from enough sources trusted by the target, which is difficult and not common, there is a window of opportunity where the attacker can cause ntpd(8) to set the time to an arbitrary value.

tags | advisory, arbitrary
systems | freebsd
advisories | CVE-2015-5300
SHA-256 | 5b686dd5c1094f8df8e568f63282df537867ba1a7462ed0d52244d035dd8943c
Debian Security Advisory 3388-1
Posted Nov 2, 2015
Authored by Debian | Site debian.org

Debian Linux Security Advisory 3388-1 - Several vulnerabilities were discovered in the Network Time Protocol daemon and utility programs.

tags | advisory, vulnerability, protocol
systems | linux, debian
advisories | CVE-2014-9750, CVE-2014-9751, CVE-2015-3405, CVE-2015-5146, CVE-2015-5194, CVE-2015-5195, CVE-2015-5219, CVE-2015-5300, CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7850, CVE-2015-7852, CVE-2015-7855, CVE-2015-7871
SHA-256 | 4fac4f7e1a4e533ef9921e59f6edea64818b9257321c6c0272d58e5b47a7c5a7
Ubuntu Security Notice USN-2783-1
Posted Oct 27, 2015
Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2783-1 - Aleksis Kauppinen discovered that NTP incorrectly handled certain remote config packets. In a non-default configuration, a remote authenticated attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. Miroslav Lichvar discovered that NTP incorrectly handled logconfig directives. In a non-default configuration, a remote authenticated attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service
systems | linux, ubuntu
advisories | CVE-2015-5146, CVE-2015-5194, CVE-2015-5195, CVE-2015-5196, CVE-2015-5219, CVE-2015-5300, CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7705, CVE-2015-7850, CVE-2015-7852, CVE-2015-7853, CVE-2015-7855, CVE-2015-7871
SHA-256 | 8debc928995cb2a3718e301aeb27ac0484aa5e83482836add27bb9e46982d590
Red Hat Security Advisory 2015-1930-01
Posted Oct 27, 2015
Authored by Red Hat | Site access.redhat.com

Red Hat Security Advisory 2015-1930-01 - The Network Time Protocol is used to synchronize a computer's time with a referenced time source. It was discovered that ntpd as a client did not correctly check timestamps in Kiss-of-Death packets. A remote attacker could use this flaw to send a crafted Kiss-of-Death packet to an ntpd client that would increase the client's polling interval value, and effectively disable synchronization with the server. It was found that ntpd did not correctly implement the threshold limitation for the '-g' option, which is used to set the time without any restrictions. A man-in-the-middle attacker able to intercept NTP traffic between a connecting client and an NTP server could use this flaw to force that client to make multiple steps larger than the panic threshold, effectively changing the time to an arbitrary value.

tags | advisory, remote, arbitrary, protocol
systems | linux, redhat
advisories | CVE-2015-5300, CVE-2015-7704
SHA-256 | 08e79a7902ee8bcd7e147cff04dc775db97366989509368f2e8b20bae782a19f
Page 1 of 1
Back1Next

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    14 Files
  • 12
    Nov 12th
    20 Files
  • 13
    Nov 13th
    63 Files
  • 14
    Nov 14th
    18 Files
  • 15
    Nov 15th
    8 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    18 Files
  • 19
    Nov 19th
    7 Files
  • 20
    Nov 20th
    13 Files
  • 21
    Nov 21st
    6 Files
  • 22
    Nov 22nd
    48 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    60 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    44 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Services
Security Services
Hosting By
Rokasec
close