FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ntp -- multiple vulnerabilities

Affected packages
		ntp	<	4.2.8p2
		ntp-devel	<	4.3.14
10.1	<=	FreeBSD	<	10.1_9
9.3	<=	FreeBSD	<	9.3_13
8.4	<=	FreeBSD	<	8.4_27

Details

VuXML ID	ebd84c96-dd7e-11e4-854e-3c970e169bc2
Discovery	2015-04-07
Entry	2015-04-07

ntp.org reports:

[Sec 2779] ntpd accepts unauthenticated packets with symmetric key crypto.

[Sec 2781] Authentication doesn't protect symmetric associations against DoS attacks.

[source]

References

CVE Name	CVE-2015-1798
CVE Name	CVE-2015-1799
FreeBSD Advisory	SA-15:07.ntp
URL	http://archive.ntp.org/ntp4/ChangeLog-stable