The crypto_xmit function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted packets containing particular autokey operations. NOTE: This vulnerability exists due to an incomplete fix for CVE-2014-9750.

References

rhn.redhat.com/errata/RHSA-2016-0780.html

rhn.redhat.com/errata/RHSA-2016-2583.html

support.ntp.org/bin/view/Main/NtpBug2899

www.debian.org/security/2015/dsa-3388

www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

www.securityfocus.com/bid/77274

www.securitytracker.com/id/1033951

bugzilla.redhat.com/show_bug.cgi?id=1274254

security.gentoo.org/glsa/201607-15

security.netapp.com/advisory/ntap-20171004-0001/

veracode 4

prion 6

nvd 6

debiancve 4

cve 6

ubuntucve 4

f5 4

nessus 50

cvelist 3

ibm 16

osv 4

openvas 28

amazon 1

redhat 4

centos 4

debian 2

slackware 1

aix 1

mageia 1

fedora 3

oraclelinux 3

freebsd_advisory 1

freebsd 1

arista 1

archlinux 1

securityvulns 2

cisco 1

symantec 1

ubuntu 1

suse 4

gentoo 1

ics 1

veracode

Denial Of Service (DoS)

2019-05-02 05:29:36

Sensitive Information Leak

2019-05-02 05:41:07

Denial Of Service (DoS)

2019-05-02 05:29:36

prion

Code injection

2017-08-07 20:29:00

Authentication flaw

2015-10-06 01:59:00

Code injection

2017-08-07 20:29:00

nvd

CVE-2015-7691

2017-08-07 20:29:00

CVE-2014-9750

2015-10-06 01:59:00

CVE-2015-7702

2017-08-07 20:29:00

debiancve

CVE-2015-7691

2017-08-07 20:29:00

CVE-2014-9750

2015-10-06 01:59:00

CVE-2015-7702

2017-08-07 20:29:00

cve

CVE-2015-7691

2017-08-07 20:29:00

CVE-2014-9750

2015-10-06 01:59:00

CVE-2015-7692

2017-08-07 20:29:00

ubuntucve

CVE-2015-7691

2015-10-22 00:00:00

CVE-2015-7702

2015-10-22 00:00:00

CVE-2015-7692

2015-10-22 00:00:00

K17530 : NTP vulnerabilities CVE-2015-7691, CVE-2015-7692, and CVE-2015-7702

2015-11-05 00:00:00

SOL16392 - NTP vulnerability CVE-2014-9750

2015-04-09 00:00:00

K16392 : NTP vulnerability CVE-2014-9750

2015-11-07 00:00:00

nessus

F5 Networks BIG-IP : NTP vulnerabilities (K17530)

2015-11-06 00:00:00

Rockwell Automation Stratix Denial of Service AutoKey Malicious Message (CVE-2015-7691)

2023-11-15 00:00:00

Network Time Protocol Daemon (ntpd) 3.x / 4.x < 4.2.8p5 Denial Of Service Vulnerability

2019-01-22 00:00:00

cvelist

CVE-2014-9750

2015-10-04 20:00:00

CVE-2015-7692

2017-08-07 20:00:00

CVE-2015-7702

2017-08-07 20:00:00

ibm

Security Bulletin: IBM Pure Power Integrated Manager (PPIM) is affected by vulnerabilities in ntp (CVE-2014-9750, CVE-2014-9751)

2018-06-18 01:30:30

Security Bulletin: Multiple Security Vulnerabilities affecting IBM Netezza Host Management

2019-10-18 03:10:29

Security Bulletin: Vulnerabilities in NTP affect IBM Flex System FC3171 8Gb SAN Switch & SAN Pass-thru Firmware, QLogic 8Gb Intelligent Pass-thru Module & SAN Switch Module and QLogic Virtual Fabric Extension Module for IBM BladeCenter

2023-04-14 14:32:25

osv

ntp - security update

2015-02-05 00:00:00

ntp - incomplete fix

2015-02-05 00:00:00

ntp - security update

2015-11-01 00:00:00

openvas

NTP.org 'ntpd' Multiple Vulnerabilities

2017-01-05 00:00:00

Debian: Security Advisory (DSA-3154-2)

2015-02-04 00:00:00

Amazon Linux: Security Advisory (ALAS-2015-607)

2015-11-08 00:00:00

amazon

Important: ntp

2015-10-27 16:42:00

redhat

(RHSA-2016:0780) Moderate: ntp security and bug fix update

2016-05-10 06:42:20

(RHSA-2016:2583) Moderate: ntp security and bug fix update

2016-11-03 06:07:15

(RHSA-2015:1459) Moderate: ntp security, bug fix, and enhancement update

2015-07-22 00:00:00

centos

ntp, ntpdate security update

2016-05-16 10:19:19

ntp, ntpdate, sntp security update

2016-11-25 16:00:55

ntp, ntpdate security update

2015-07-26 14:13:05

debian

[SECURITY] [DLA 335-1] ntp security update

2015-10-28 20:45:05

[SECURITY] [DSA 3388-1] ntp security update

2015-11-01 22:20:55

slackware

[slackware-security] ntp

2015-10-29 22:49:05

aix

Vulnerabilities in NTP affect AIX,Vulnerabilities in NTP affect VIOS

2016-01-21 09:13:20

mageia

Updated ntp packages fixes security vulnerabilities

2015-10-26 00:50:36

fedora

[SECURITY] Fedora 23 Update: ntp-4.2.6p5-34.fc23

2015-11-02 18:55:43

[SECURITY] Fedora 21 Update: ntp-4.2.6p5-34.fc21

2015-11-04 22:51:44

[SECURITY] Fedora 22 Update: ntp-4.2.6p5-36.fc22

2016-02-21 02:33:52

oraclelinux

ntp security, bug fix, and enhancement update

2015-11-23 00:00:00

ntp security and bug fix update

2016-05-12 00:00:00

ntp security and bug fix update

2016-11-09 00:00:00

freebsd_advisory

FreeBSD-SA-15:25.ntp

2015-10-26 00:00:00

freebsd

ntp -- 13 low- and medium-severity vulnerabilities

2015-10-21 00:00:00

arista

Security Advisory 0016

2015-11-04 00:00:00

archlinux

ntp: multiple issues

2015-10-22 00:00:00

securityvulns

ntp multiple security vulnerabilities

2015-11-01 00:00:00

[USN-2783-1] NTP vulnerabilities

2015-11-01 00:00:00

cisco

Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015

2015-10-21 23:00:00

symantec

SA103 : October 2015 NTP Security Vulnerabilities

2015-11-24 08:00:00

ubuntu

NTP vulnerabilities

2015-10-27 00:00:00

suse

Security update for ntp (important)

2016-05-06 13:07:50

Security update for ntp (important)

2016-05-17 15:09:17

Security update for yast2-ntp-client (important)

2016-08-17 21:08:25

gentoo

NTP: Multiple vulnerabilities

2016-07-20 00:00:00

ics

Rockwell Automation Stratix 5900

2017-05-10 12:00:00

Solutions

Vulnerabilities intelligence
Perimeter control tool
Linux scanner
Windows scanner
Developers SDK
Security Intelligence feeds

Database

Vulnerabilities
Exploits
Security News
BugBounty
Wild Exploited
Top Vulnerabilities
CVE Feed

Resources

Statics & Sources
Plugins
API docs
FAQ
Blog
Glossary

Company

About
Contacts
Pricing
EULA
Privacy Policy
Submission Policy
OpenSource

@2024 Vulners Inc

8 High

AI Score

Confidence

High

0.018 Low

EPSS

Percentile

88.3%

JSON

Related for CVELIST:CVE-2015-7691