PT-2015-3301 · Ntt+7 · Ntp+8

Martin Prpič

Published

2015-10-21

Updated

2024-06-15

CVE-2015-7701

CVSS v2.0

7.8

High

Vector

AV:N/AC:L/Au:N/C:N/I:N/A:C

Name of the Vulnerable Software and Affected Versions NTP versions 4.2.x through 4.2.8p3 NTP versions 4.3.x through 4.3.76

Description The issue is related to a memory leak in the CRYPTO ASSOC function in ntpd, which can be exploited by remote attackers to cause a denial of service due to memory consumption. This is caused by errors in resource management. An attacker could exploit this to cause a denial of service. Additionally, the decodenetnum() function has an issue where it fails to return FAIL on some invalid values, instead causing an ASSERT botch, which can also lead to a denial of service.

Recommendations For NTP versions 4.2.x through 4.2.8p3, update to version 4.2.8p4 or later. For NTP versions 4.3.x through 4.3.76, update to version 4.3.77 or later. As a temporary workaround, consider restricting access to the CRYPTO ASSOC function and the decodenetnum() function until a patch is available.

Exploit

Fix

DoS

Missing Release of Resource after Effective Lifetime

Found an issue in the description? Have something to add? Feel free to write us 👾

dbugs@ptsecurity.com

Weakness Enumeration

CWE-772CWE-399

Related Identifiers

ALT-PU-2017-2335

BDU:2017-02039

CESA-2016_0780

CESA-2016_2583

CVE-2015-7701

DLA-335-1

DSA-3388-1

MGASA-2015-0413

OPENSUSE-SU-2024:10181-1

RHSA-2016:0780

RHSA-2016:2583

RHSA-2016_0780

RHSA-2016_2583

SUSE-SU-2015:2058-1

SUSE-SU-2016:1247-1

SUSE-SU-2016:1311-1

USN-2783-1

Affected Products

Alt Linux

Centos

Cisco Ios Xe

Cisco Nexus

Ibm Aix

Ntp

Red Hat

Suse

Ubuntu

PT-2015-3301 · Ntt+7 · Ntp+8

CVE-2015-7701

Weakness Enumeration

Related Identifiers

Affected Products

References · 258