CVE-2015-3405: CVE-2015-3405

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2015-3405

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

ntp-keygen in ntp 4.2.8px before 4.2.8p2-RC2 and 4.3.x before 4.3.12 does not generate MD5 keys with sufficient entropy on big endian machines when the lowest order byte of the temp variable is between 0x20 and 0x7f and not #, which might allow remote attackers to obtain the value of generated MD5 keys via a brute force attack with the 93 possible keys.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

NTP 安全特征问题漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

NTP是nwtime开源的一个网络时间协议。 NTP 4.2.8px版本至4.2.8p2-RC2之前版本、4.3.x版本至4.3.12之前版本存在安全特征问题漏洞。远程攻击者利用该漏洞获取产生的MD5密钥值。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2015-3405

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2015-3405

Please Login to view more intelligence information

https://support.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03886en_usx_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.htmlx_refsource_CONFIRM
https://bugs.ntp.org/show_bug.cgi?id=2797x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlx_refsource_CONFIRM
https://bugzilla.redhat.com/show_bug.cgi?id=1210324x_refsource_CONFIRM
http://bk1.ntp.org/ntp-stable/?PAGE=patch&REV=55199296N2gFqH1Hm5GOnhrk9Ypyggx_refsource_CONFIRM
http://www.securityfocus.com/bid/74045vdb-entryx_refsource_BID
http://www.debian.org/security/2015/dsa-3388vendor-advisoryx_refsource_DEBIAN
http://www.debian.org/security/2015/dsa-3223vendor-advisoryx_refsource_DEBIAN
http://rhn.redhat.com/errata/RHSA-2015-2231.htmlvendor-advisoryx_refsource_REDHAT
http://rhn.redhat.com/errata/RHSA-2015-1459.htmlvendor-advisoryx_refsource_REDHAT
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/156248.htmlvendor-advisoryx_refsource_FEDORA
http://lists.opensuse.org/opensuse-security-announce/2015-07/msg00000.htmlvendor-advisoryx_refsource_SUSE
http://www.openwall.com/lists/oss-security/2015/04/23/14mailing-listx_refsource_MLIST
https://nvd.nist.gov/vuln/detail/CVE-2015-3405

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2015-3405

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

I. Basic Information for CVE-2015-3405

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2015-3405

III. Intelligence Information for CVE-2015-3405

IV. Related Vulnerabilities

V. Comments for CVE-2015-3405

Leave a comment