CVE-2015-7975

CVSSv4: NA | CVSSv3: 6.2 | CVSSv2: 2.1 | VMScore: 720 | EPSS: 0.00944 | KEV: Not Included
Published: 30/01/2017 Updated: 21/11/2024

Vulnerability Summary

The nextvar function in NTP prior to 4.2.8p6 and 4.3.x prior to 4.3.90 does not properly validate the length of its input, which allows a malicious user to cause a denial of service (application crash).

Vulnerable Product

ntp ntp

ntp ntp 4.3.0

ntp ntp 4.3.1

ntp ntp 4.3.2

ntp ntp 4.3.3

ntp ntp 4.3.4

ntp ntp 4.3.5

ntp ntp 4.3.6

ntp ntp 4.3.7

ntp ntp 4.3.8

ntp ntp 4.3.10

ntp ntp 4.3.11

ntp ntp 4.3.12

ntp ntp 4.3.13

ntp ntp 4.3.14

ntp ntp 4.3.15

ntp ntp 4.3.16

ntp ntp 4.3.17

ntp ntp 4.3.18

ntp ntp 4.3.19

ntp ntp 4.3.20

ntp ntp 4.3.21

ntp ntp 4.3.22

ntp ntp 4.3.23

ntp ntp 4.3.24

ntp ntp 4.3.25

ntp ntp 4.3.26

ntp ntp 4.3.27

ntp ntp 4.3.28

ntp ntp 4.3.29

ntp ntp 4.3.30

ntp ntp 4.3.31

ntp ntp 4.3.32

ntp ntp 4.3.33

ntp ntp 4.3.34

ntp ntp 4.3.35

ntp ntp 4.3.36

ntp ntp 4.3.37

ntp ntp 4.3.38

ntp ntp 4.3.39

ntp ntp 4.3.40

ntp ntp 4.3.41

ntp ntp 4.3.42

ntp ntp 4.3.43

ntp ntp 4.3.44

ntp ntp 4.3.45

ntp ntp 4.3.46

ntp ntp 4.3.47

ntp ntp 4.3.48

ntp ntp 4.3.49

ntp ntp 4.3.50

ntp ntp 4.3.51

ntp ntp 4.3.52

ntp ntp 4.3.53

ntp ntp 4.3.54

ntp ntp 4.3.55

ntp ntp 4.3.56

ntp ntp 4.3.57

ntp ntp 4.3.58

ntp ntp 4.3.59

ntp ntp 4.3.60

ntp ntp 4.3.61

ntp ntp 4.3.62

ntp ntp 4.3.63

ntp ntp 4.3.64

ntp ntp 4.3.65

ntp ntp 4.3.66

ntp ntp 4.3.67

ntp ntp 4.3.68

ntp ntp 4.3.69

ntp ntp 4.3.70

ntp ntp 4.3.71

ntp ntp 4.3.72

ntp ntp 4.3.73

ntp ntp 4.3.74

ntp ntp 4.3.75

ntp ntp 4.3.76

ntp ntp 4.3.77

ntp ntp 4.3.78

ntp ntp 4.3.79

ntp ntp 4.3.80

ntp ntp 4.3.81

ntp ntp 4.3.82

ntp ntp 4.3.83

ntp ntp 4.3.84

ntp ntp 4.3.85

ntp ntp 4.3.86

ntp ntp 4.3.87

ntp ntp 4.3.88

ntp ntp 4.3.89

Vendor Advisories

Several security issues were fixed in NTP ...
The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash) ...
Multiple Cisco products incorporate a version of the Network Time Protocol daemon (ntpd) package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a Network Time Protocol (N ...

References

CWE-119
https://usn.ubuntu.com/3096-1/
https://nvd.nist.gov
https://www.first.org/epss
https://www.kb.cert.org/vuls/id/718152
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
http://support.ntp.org/bin/view/Main/NtpBug2937
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd
http://www.securityfocus.com/bid/81959
http://www.securitytracker.com/id/1034782
http://www.ubuntu.com/usn/USN-3096-1
https://bto.bluecoat.com/security-advisory/sa113
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
https://security.gentoo.org/glsa/201607-15
https://security.netapp.com/advisory/ntap-20171031-0001/