CVE-2015-7976

CVSSv4: NA | CVSSv3: 4.3 | CVSSv2: 4 | VMScore: 530 | EPSS: 0.04021 | KEV: Not Included
Published: 30/01/2017 Updated: 21/11/2024

Vulnerability Summary

The ntpq saveconfig command in NTP 4.1.2, 4.2.x prior to 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows malicious users to cause unspecified impact via a crafted filename.

Vulnerable Product

ntp ntp 4.1.2

ntp ntp

ntp ntp 4.3.0

ntp ntp 4.3.1

ntp ntp 4.3.2

ntp ntp 4.3.3

ntp ntp 4.3.4

ntp ntp 4.3.5

ntp ntp 4.3.6

ntp ntp 4.3.7

ntp ntp 4.3.8

ntp ntp 4.3.9

ntp ntp 4.3.10

ntp ntp 4.3.11

ntp ntp 4.3.12

ntp ntp 4.3.13

ntp ntp 4.3.14

ntp ntp 4.3.15

ntp ntp 4.3.16

ntp ntp 4.3.17

ntp ntp 4.3.18

ntp ntp 4.3.19

ntp ntp 4.3.20

ntp ntp 4.3.21

ntp ntp 4.3.22

ntp ntp 4.3.23

ntp ntp 4.3.24

ntp ntp 4.3.25

ntp ntp 4.3.26

ntp ntp 4.3.27

ntp ntp 4.3.28

ntp ntp 4.3.29

ntp ntp 4.3.30

ntp ntp 4.3.31

ntp ntp 4.3.32

ntp ntp 4.3.33

ntp ntp 4.3.34

ntp ntp 4.3.35

ntp ntp 4.3.36

ntp ntp 4.3.37

ntp ntp 4.3.38

ntp ntp 4.3.39

ntp ntp 4.3.40

ntp ntp 4.3.41

ntp ntp 4.3.42

ntp ntp 4.3.43

ntp ntp 4.3.44

ntp ntp 4.3.45

ntp ntp 4.3.46

ntp ntp 4.3.47

ntp ntp 4.3.48

ntp ntp 4.3.49

ntp ntp 4.3.50

ntp ntp 4.3.51

ntp ntp 4.3.52

ntp ntp 4.3.53

ntp ntp 4.3.54

ntp ntp 4.3.55

ntp ntp 4.3.56

ntp ntp 4.3.57

ntp ntp 4.3.58

ntp ntp 4.3.59

ntp ntp 4.3.60

ntp ntp 4.3.61

ntp ntp 4.3.62

ntp ntp 4.3.63

ntp ntp 4.3.64

ntp ntp 4.3.65

ntp ntp 4.3.66

ntp ntp 4.3.67

ntp ntp 4.3.68

ntp ntp 4.3.69

ntp ntp 4.3.70

ntp ntp 4.3.71

ntp ntp 4.3.72

ntp ntp 4.3.73

ntp ntp 4.3.74

ntp ntp 4.3.75

ntp ntp 4.3.76

ntp ntp 4.3.77

ntp ntp 4.3.78

ntp ntp 4.3.79

ntp ntp 4.3.80

ntp ntp 4.3.81

ntp ntp 4.3.82

ntp ntp 4.3.83

ntp ntp 4.3.84

ntp ntp 4.3.85

ntp ntp 4.3.86

ntp ntp 4.3.87

ntp ntp 4.3.88

ntp ntp 4.3.89

suse linux enterprise debuginfo 11

suse manager 2.1

suse manager proxy 2.1

novell suse openstack cloud 5

opensuse leap 42.1

opensuse opensuse 13.2

suse linux enterprise desktop 12

suse linux enterprise server 10

suse linux enterprise server 11

suse linux enterprise server 12

suse suse linux enterprise server 12

Vendor Advisories

Several security issues were fixed in NTP ...
The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename ...
Multiple Cisco products incorporate a version of the Network Time Protocol daemon (ntpd) package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a Network Time Protocol (N ...

References

CWE-254
https://usn.ubuntu.com/3096-1/
https://nvd.nist.gov
https://www.first.org/epss
https://www.kb.cert.org/vuls/id/718152
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
http://support.ntp.org/bin/view/Main/NtpBug2938
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd
http://www.securitytracker.com/id/1034782
http://www.ubuntu.com/usn/USN-3096-1
https://bto.bluecoat.com/security-advisory/sa113
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
https://security.gentoo.org/glsa/201607-15
https://security.netapp.com/advisory/ntap-20171031-0001/