CVE-2015-7975 vulnerabilities and exploits

(subscribe to this query)

The nextvar function in NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90 does not properly validate the length of its input, which allows an malicious user to cause a denial of service (application crash).

Ntp Ntp Ntp Ntp 4.3.0 Ntp Ntp 4.3.1 Ntp Ntp 4.3.2 Ntp Ntp 4.3.3 Ntp Ntp 4.3.4 Ntp Ntp 4.3.5 Ntp Ntp 4.3.6 Ntp Ntp 4.3.7 Ntp Ntp 4.3.8 Ntp Ntp 4.3.10 Ntp Ntp 4.3.11

The ntpq protocol in NTP prior to 4.2.8p7 allows remote malicious users to conduct replay attacks by sniffing the network.

NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90, when configured in broadcast mode, allows man-in-the-middle malicious users to conduct replay attacks by sniffing the network.

Ntp Ntp Ntp Ntp 4.2.8 Siemens Tim 4r-ie Firmware Siemens Tim 4r-ie Dnp3 Firmware Freebsd Freebsd Freebsd Freebsd 9.3 Freebsd Freebsd 10.1 Freebsd Freebsd 10.2 Netapp Clustered Data Ontap -Netapp Oncommand Balance -Canonical Ubuntu Linux 12.04 Canonical Ubuntu Linux 14.04

The ntpq saveconfig command in NTP 4.1.2, 4.2.x prior to 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows malicious users to cause unspecified impact via a crafted filename.

Ntp Ntp 4.1.2 Ntp Ntp Ntp Ntp 4.3.0 Ntp Ntp 4.3.1 Ntp Ntp 4.3.2 Ntp Ntp 4.3.3 Ntp Ntp 4.3.4 Ntp Ntp 4.3.5 Ntp Ntp 4.3.6 Ntp Ntp 4.3.7 Ntp Ntp 4.3.8 Ntp Ntp 4.3.9

ntpq in NTP prior to 4.2.8p7 allows remote malicious users to obtain origin timestamps and then impersonate peers via unspecified vectors.

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Product List Vendor List Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook