Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact
5.8
CVSSv2

CVE-2015-7973

Published: 30/01/2017 Updated: 26/04/2021
CVSS v2 Base Score: 5.8 | Impact Score: 4.9 | Exploitability Score: 8.6
CVSS v3 Base Score: 6.5 | Impact Score: 4.2 | Exploitability Score: 2.2
VMScore: 516
Vector: AV:N/AC:M/Au:N/C:N/I:P/A:P
Subscribe to Ntp

Vulnerability Summary

NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90, when configured in broadcast mode, allows man-in-the-middle malicious users to conduct replay attacks by sniffing the network.

Vulnerability Trend

Vulnerable Product Search on Vulmon Subscribe to Product

ntp ntp

ntp ntp 4.2.8

siemens tim_4r-ie_firmware

siemens tim_4r-ie_dnp3_firmware

freebsd freebsd 9.3

freebsd freebsd

freebsd freebsd 10.1

freebsd freebsd 10.2

netapp clustered data ontap -

netapp oncommand balance -

canonical ubuntu linux 12.04

canonical ubuntu linux 14.04

canonical ubuntu linux 16.04

Vendor Advisories

Ubuntu Security Notice: ntp vulnerabilities
Several security issues were fixed in NTP ...
Red Hat: CVE-2015-7973
NTP before 428p6 and 43x before 4390, when configured in broadcast mode, allows man-in-the-middle attackers to conduct replay attacks by sniffing the network ...
Cisco: Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: January 2016
Multiple Cisco products incorporate a version of the Network Time Protocol daemon (ntpd) package Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a Network Time Protocol (N ...

References

CWE-254https://www.kb.cert.org/vuls/id/718152https://security.gentoo.org/glsa/201607-15https://bto.bluecoat.com/security-advisory/sa113http://www.ubuntu.com/usn/USN-3096-1http://www.securitytracker.com/id/1034782http://www.securityfocus.com/bid/81963http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpdhttp://support.ntp.org/bin/view/Main/NtpBug2935http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.htmlhttp://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.htmlhttps://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_ushttps://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_ushttps://security.netapp.com/advisory/ntap-20171031-0001/https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.aschttps://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdfhttps://us-cert.cisa.gov/ics/advisories/icsa-21-103-11https://usn.ubuntu.com/3096-1/https://nvd.nist.govhttps://www.kb.cert.org/vuls/id/718152
CVSSv2
CVSSv2
CVSSv3
VMScore
Recommendations:
CVE-2023-38298CVE-2024-20356CVE-2023-21987CVE-2024-33217bypassCVE-2024-31804CVE-2024-32660unauthorizedSSRF
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook