VDB
GCVE-110-MAGEIA-2015-152
GCVE-110-MAGEIA-2015-152
Advisory Published
Updated ntp packages fix security vulnerabilities:
The symmetric-key feature in the receive function in ntp_proto.c in ntpd in
NTP before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero
length, which makes it easier for man-in-the-middle attackers to spoof packets
by omitting the MAC (CVE-2015-1798).
The symmetric-key feature in the receive function in ntp_proto.c in ntpd in
NTP before 4.2.8p2 performs state-variable updates upon receiving certain
invalid packets, which makes it easier for man-in-the-middle attackers to
cause a denial of service (synchronization loss) by spoofing the source IP
address of a peer (CVE-2015-1799).
Affected Products
| Vendor | Product | Versions | Platforms |
|---|---|---|---|
| Mageia | pluma | 0 (affected), 1.8.1-3.1.mga5 (unaffected) | — |
| Mageia | ntp | 4.2.6p5-15.5.mga4 (unaffected), 0 (affected), 4.2.6p5-15.5.mga4 (unaffected), 0 (affected) | — |
Browse GCVE Records
72,409 records in the GCVE database · Updated July 14, 2026
No matching records found.
Explore Further
Investigate this vulnerability in the interactive console or download the raw GCVE record.