Security Advisory

CVE-2015-1798

CVE vulnerability detail — eXtreme Datacenter Security Operations

Published 2015-04-08 10:00:00

Last updated 2024-08-06 04:54:16

Assigner redhat

State PUBLISHED

Description

The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC.

← Browse all CVEs View on cve.org ↗