Lucene search
K

13 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:15 p.m.35 views

K17522: NTP vulnerability CVE-2015-7851

Security Advisory Description Directory traversal vulnerability in the saveconfig function in ntpd in ntpcontrol.c in NTP before 4.2.8p4, when used on systems that do not use '' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary...

6.5CVSS7AI score0.03942EPSS
Exploits1
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2016:2094-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.81762EPSS
Exploits20References2
OSV
OSV
added 2020/01/28 5:15 p.m.8 views

CVE-2015-7851

Directory traversal vulnerability in the saveconfig function in ntpd in ntpcontrol.c in NTP before 4.2.8p4, when used on systems that do not use '' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files...

6.5CVSS9.1AI score0.03942EPSS
Exploits1References4
UbuntuCve
UbuntuCve
added 2020/01/28 5:15 p.m.34 views

CVE-2015-7851

Directory traversal vulnerability in the saveconfig function in ntpd in ntpcontrol.c in NTP before 4.2.8p4, when used on systems that do not use '' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files...

6.5CVSS7AI score0.03942EPSS
Exploits1References4
Cvelist
Cvelist
added 2020/01/28 4:35 p.m.28 views

CVE-2015-7851

Directory traversal vulnerability in the saveconfig function in ntpd in ntpcontrol.c in NTP before 4.2.8p4, when used on systems that do not use '' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files...

7.7AI score0.03942EPSS
Exploits1References3
CVE
CVE
added 2020/01/28 4:35 p.m.121 views

CVE-2015-7851

CVE-2015-7851 is a directory traversal vulnerability in ntpd’s save_config path (ntp_control.c) affecting ntpd before 4.2.8p4. The issue arises on systems where directory separators differ (e.g., OpenVMS), allowing remote authenticated users to overwrite arbitrary files via crafted config saves. ...

6.5CVSS7.5AI score0.03942EPSS
Exploits1References3Affected Software1
Debian CVE
Debian CVE
added 2020/01/28 4:35 p.m.32 views

CVE-2015-7851

Directory traversal vulnerability in the saveconfig function in ntpd in ntpcontrol.c in NTP before 4.2.8p4, when used on systems that do not use '' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files...

6.5CVSS7AI score0.03942EPSS
Exploits1
Tenable Nessus
Tenable Nessus
added 2016/05/19 12:0 a.m.45 views

SUSE SLES11 Security Update : ntp (SUSE-SU-2016:1311-1)

This network time protocol server ntp was updated to 4.2.8p6 to fix the following issues : Also yast2-ntp-client was updated to match some sntp syntax changes. bsc937837 Major functional changes : - The 'sntp' commandline tool changed its option handling in a major way. - 'controlkey 1' is added...

9.8CVSS6.9AI score0.81762EPSS
Exploits13References98
Tenable Nessus
Tenable Nessus
added 2016/05/09 12:0 a.m.45 views

SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2016:1247-1)

ntp was updated to version 4.2.8p6 to fix 28 security issues. Major functional changes : - The 'sntp' commandline tool changed its option handling in a major way, some options have been renamed or dropped. - 'controlkey 1' is added during update to ntp.conf to allow sntp to work. - The local cloc...

9.8CVSS6.9AI score0.81762EPSS
Exploits13References88
Tenable Nessus
Tenable Nessus
added 2015/11/20 12:0 a.m.52 views

openSUSE Security Update : ntp (openSUSE-2015-767)

This ntp update provides the following security and non security fixes : - Update to 4.2.8p4 to fix several security issues bsc951608 : - CVE-2015-7871: NAK to the Future: Symmetric association authentication bypass via crypto-NAK - CVE-2015-7855: decodenetnum will ASSERT botch instead of returni...

9.8CVSS6.8AI score0.81762EPSS
Exploits8References18
F5 Networks
F5 Networks
added 2015/11/02 12:0 a.m.25 views

SOL17522 - NTP vulnerability CVE-2015-7851

Recommended Action None Supplemental Information SOL9970: Subscribing to email notifications regarding F5 products SOL9957: Creating a custom RSS feed to view new and updated documents SOL4602: Overview of the F5 security vulnerability response policy SOL4918: Overview of the F5 critical issue...

6.5CVSS2.4AI score0.03942EPSS
Exploits1References4
FreeBSD Advisory
FreeBSD Advisory
added 2015/10/26 12:0 a.m.26 views

FreeBSD-SA-15:25.ntp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-15:25.ntp Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities of ntp REVISED Category: contrib Module: ntp Announced: 2015-10-26, revised on...

9.8CVSS6.9AI score0.81762EPSS
Exploits8
Tenable Nessus
Tenable Nessus
added 2015/10/22 12:0 a.m.49 views

FreeBSD : ntp -- 13 low- and medium-severity vulnerabilities (c4a18a12-77fc-11e5-a687-206a8a720317)

ntp.org reports : NTF's NTP Project has been notified of the following 13 low- and medium-severity vulnerabilities that are fixed in ntp-4.2.8p4, released on Wednesday, 21 October 2015 : - Bug 2941 CVE-2015-7871 NAK to the Future: Symmetric association authentication bypass via crypto-NAK Cisco...

9.8CVSS7AI score0.81762EPSS
Exploits8References19
Rows per page
Query Builder