CVE-2015-1798

EPSS 0.83% · P75 Updated Feb 21, 2026

Get alerts for future matching vulnerabilitiesLog in to subscribe

I. Basic Information for CVE-2015-1798

Vulnerability Information

Have questions about the vulnerability? See if Shenlong's analysis helps!

Although we use advanced large model technology, its output may still contain inaccurate or outdated information.Shenlong tries to ensure data accuracy, but please verify and judge based on the actual situation.

Vulnerability Title

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Description

The symmetric-key feature in the receive function in ntp_proto.c in ntpd in NTP 4.x before 4.2.8p2 requires a correct MAC only if the MAC field has a nonzero length, which makes it easier for man-in-the-middle attackers to spoof packets by omitting the MAC.

Source: NVD (National Vulnerability Database)

CVSS Information

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Type

N/A

Source: NVD (National Vulnerability Database)

Vulnerability Title

NTP 代码注入漏洞

Source: CNNVD (China National Vulnerability Database)

Vulnerability Description

NTP是nwtime开源的一个网络时间协议。 NTP 4.2.7p444及之前版本存在代码问题漏洞，该漏洞源于只有当MAC字段是非零长度时，程序才会要求数据包中包含MAC。攻击者可通过省略MAC利用该漏洞实施中间人攻击，伪造数据包。

Source: CNNVD (China National Vulnerability Database)

CVSS Information

N/A

Source: CNNVD (China National Vulnerability Database)

Vulnerability Type

N/A

Source: CNNVD (China National Vulnerability Database)

Affected Products

Vendor	Product	Affected Versions	CPE	Subscribe
-	n/a	n/a	-

II. Public POCs for CVE-2015-1798

#	POC Description	Source Link	Shenlong Link

AI-Generated POCPremium

No public POC found.

III. Intelligence Information for CVE-2015-1798

请登录查看更多情报信息。

https://kc.mcafee.com/corporate/index?page=content&id=SB10114x_refsource_CONFIRM
http://support.apple.com/kb/HT204942x_refsource_CONFIRM
http://support.ntp.org/bin/view/Main/SecurityNotice#Recent_Vulnerabilitiesx_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/bulletinapr2015-2511959.htmlx_refsource_CONFIRM
http://bugs.ntp.org/show_bug.cgi?id=2779x_refsource_CONFIRM
http://www.oracle.com/technetwork/topics/security/linuxbulletinoct2015-2719645.htmlx_refsource_CONFIRM
http://www.securityfocus.com/bid/73951vdb-entryx_refsource_BID
http://www.securitytracker.com/id/1032032vdb-entryx_refsource_SECTRACK
http://www.debian.org/security/2015/dsa-3223vendor-advisoryx_refsource_DEBIAN
http://www.kb.cert.org/vuls/id/374268third-party-advisoryx_refsource_CERT-VN
http://www.ubuntu.com/usn/USN-2567-1vendor-advisoryx_refsource_UBUNTU
http://marc.info/?l=bugtraq&m=143213867103400&w=2vendor-advisoryx_refsource_HP
https://security.gentoo.org/glsa/201509-01vendor-advisoryx_refsource_GENTOO
http://rhn.redhat.com/errata/RHSA-2015-1459.htmlvendor-advisoryx_refsource_REDHAT
http://www.mandriva.com/security/advisories?name=MDVSA-2015:202vendor-advisoryx_refsource_MANDRIVA
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155863.htmlvendor-advisoryx_refsource_FEDORA
http://lists.fedoraproject.org/pipermail/package-announce/2015-April/155864.htmlvendor-advisoryx_refsource_FEDORA
http://lists.opensuse.org/opensuse-updates/2015-04/msg00052.htmlvendor-advisoryx_refsource_SUSE
http://lists.apple.com/archives/security-announce/2015/Jun/msg00002.htmlvendor-advisoryx_refsource_APPLE
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20150408-ntpdvendor-advisoryx_refsource_CISCO
http://tools.cisco.com/security/center/viewAlert.x?alertId=38276vendor-advisoryx_refsource_CISCO
https://nvd.nist.gov/vuln/detail/CVE-2015-1798

Same Patch Batch · n/a · 2015-04-08 · 22 CVEs total

CVE-2015-2822		Siemens SIMATIC HMI Comfort Panels和SIMATIC WinCC Runtime Advanced 输入验证漏洞
CVE-2015-2828		CA Spectrum 权限许可和访问控制问题漏洞
CVE-2015-2827		CA Spectrum 跨站脚本漏洞
CVE-2015-1773		Apache Flex 跨站脚本漏洞
CVE-2015-0905		bBlog 跨站请求伪造漏洞
CVE-2015-1799		NTP ntpd 代码注入漏洞
CVE-2015-1473		GNU C Library 缓冲区溢出漏洞
CVE-2015-1472		GNU C Library 缓冲区溢出漏洞
CVE-2015-0799		Mozilla Firefox HTTP Alternative Services 输入验证漏洞
CVE-2015-0798		Mozilla Firefox 权限许可和访问控制漏洞
CVE-2015-2823		多款Siemens产品安全漏洞
CVE-2015-0202		Apache Subversion mod_dav_svn服务器资源管理错误漏洞
CVE-2015-3030		McAfee Advanced Threat Defense Web界面信息泄露漏洞
CVE-2015-3029		McAfee Advanced Threat Defense Web界面权限许可和访问控制漏洞
CVE-2015-3028		McAfee Advanced Threat Defense 权限许可和访问控制漏洞
CVE-2015-2782		Open-source ARJ archiver 缓冲区溢出漏洞
CVE-2015-1317		Oxide 资源管理错误漏洞
CVE-2015-0557		Open-source ARJ archiver 目录遍历漏洞
CVE-2015-0556		Open-source ARJ archiver 目录遍历漏洞
CVE-2015-0251		Subversion mod_dav_svn服务器安全漏洞

Showing top 20 of 22 CVEs. View all on vendor page → →

IV. Related Vulnerabilities

Same product: n/a

Same vendor: n/a

V. Comments for CVE-2015-1798

No comments yet

Goal Reached Thanks to every supporter — we hit 100%!

CVE-2015-1798

I. Basic Information for CVE-2015-1798

Vulnerability Information

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Vulnerability Title

Vulnerability Description

CVSS Information

Vulnerability Type

Affected Products

II. Public POCs for CVE-2015-1798

III. Intelligence Information for CVE-2015-1798

Same Patch Batch · n/a · 2015-04-08 · 22 CVEs total

IV. Related Vulnerabilities

V. Comments for CVE-2015-1798

Leave a comment