Lucene search
K

19 matches found

F5 Networks
F5 Networks
added 2023/02/21 6:52 p.m.48 views

K17525: NTP vulnerability CVE-2015-7853

Security Advisory Description The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service crash via a negative input value. CVE-2015-7853 Impact Running a custom refclock driver in...

9.8CVSS7.3AI score0.11781EPSS
Exploits0Affected Software22
OpenVAS
OpenVAS
added 2021/06/09 12:0 a.m.20 views

SUSE: Security Advisory (SUSE-SU-2016:2094-1)

The remote host is missing an update for the SPDX-FileCopyrightText: 2021 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.1AI score0.81762EPSS
Exploits20References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.46 views

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1719)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.81762EPSS
Exploits6References2
OpenVAS
OpenVAS
added 2020/01/23 12:0 a.m.61 views

Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-2066)

The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS7.9AI score0.81762EPSS
Exploits6References2
Tenable Nessus
Tenable Nessus
added 2019/04/09 12:0 a.m.45 views

EulerOS Virtualization 2.5.3 : ntp (EulerOS-SA-2019-1222)

According to the versions of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a...

9.8CVSS7AI score0.81762EPSS
Exploits2References5
IBM Security Bulletins
IBM Security Bulletins
added 2019/01/31 2:25 a.m.36 views

Security Bulletin: Vulnerabilities in NTP and GNU C Library (glibc) affect IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware

Summary IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware has addressed the following vulnerabilities in NTP and GNU C Library glibc. Vulnerability Details Summary IBM Flex System EN6131 40Gb Ethernet / IB6131 40Gb Infiniband Switch Firmware has addressed the following...

9.8CVSS0.9AI score0.81762EPSS
Exploits7Affected Software1
Tenable Nessus
Tenable Nessus
added 2017/08/09 12:0 a.m.65 views

AIX NTP v4 Advisory : ntp_advisory4.asc (IV79954) (IV79954)

The remote AIX host has a version of Network Time Protocol NTP installed that is affected by the following vulnerabilities : - A divide-by-zero error exists in file include/ntp.h when handling LOGTOD and ULOGTOD macros in a crafted NTP packet. An unauthenticated, remote attacker can exploit this,...

9.8CVSS6.3AI score0.31068EPSS
Exploits4References9
Tenable Nessus
Tenable Nessus
added 2017/08/09 12:0 a.m.66 views

AIX NTP v3 Advisory : ntp_advisory4.asc (IV79942) (IV79943) (IV79944) (IV79945) (IV79946)

The remote AIX host has a version of Network Time Protocol NTP installed that is affected by the following vulnerabilities : - A divide-by-zero error exists in file include/ntp.h when handling LOGTOD and ULOGTOD macros in a crafted NTP packet. An unauthenticated, remote attacker can exploit this,...

9.8CVSS6.3AI score0.31068EPSS
Exploits4References9
OSV
OSV
added 2017/08/07 8:29 p.m.7 views

CVE-2015-7853

The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service crash via a negative input value...

9.8CVSS9.6AI score
Exploits0References30
NVD
NVD
added 2017/08/07 8:29 p.m.30 views

CVE-2015-7853

The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service crash via a negative input value...

9.8CVSS9.6AI score0.11781EPSS
Exploits0References28
CVE
CVE
added 2017/08/07 8:0 p.m.232 views

CVE-2015-7853

CVE-2015-7853 affects the refclock driver in ntpd (NTP) with the datalen parameter: in NTP 4.2.x before 4.2.8p4 and 4.3.x before 4.3.77, a negative datalen value can overflow a data buffer, enabling remote attackers to execute arbitrary code or cause a crash. Concrete details across connected adv...

9.8CVSS9.5AI score0.11781EPSS
Exploits0References28Affected Software1
Tenable Nessus
Tenable Nessus
added 2016/05/25 12:0 a.m.42 views

F5 Networks BIG-IP : NTP vulnerability (K17525)

The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service crash via a negative input value. CVE-2015-7853 Impact Running a custom refclock driver in ntpd could overflow a data...

9.8CVSS6.5AI score0.11781EPSS
Exploits0References2
Tenable Nessus
Tenable Nessus
added 2016/05/19 12:0 a.m.45 views

SUSE SLES11 Security Update : ntp (SUSE-SU-2016:1311-1)

This network time protocol server ntp was updated to 4.2.8p6 to fix the following issues : Also yast2-ntp-client was updated to match some sntp syntax changes. bsc937837 Major functional changes : - The 'sntp' commandline tool changed its option handling in a major way. - 'controlkey 1' is added...

9.8CVSS6.9AI score0.81762EPSS
Exploits13References98
Tenable Nessus
Tenable Nessus
added 2016/05/09 12:0 a.m.45 views

SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2016:1247-1)

ntp was updated to version 4.2.8p6 to fix 28 security issues. Major functional changes : - The 'sntp' commandline tool changed its option handling in a major way, some options have been renamed or dropped. - 'controlkey 1' is added during update to ntp.conf to allow sntp to work. - The local cloc...

9.8CVSS6.9AI score0.81762EPSS
Exploits13References88
Tenable Nessus
Tenable Nessus
added 2015/11/20 12:0 a.m.52 views

openSUSE Security Update : ntp (openSUSE-2015-767)

This ntp update provides the following security and non security fixes : - Update to 4.2.8p4 to fix several security issues bsc951608 : - CVE-2015-7871: NAK to the Future: Symmetric association authentication bypass via crypto-NAK - CVE-2015-7855: decodenetnum will ASSERT botch instead of returni...

9.8CVSS6.8AI score0.81762EPSS
Exploits8References18
OpenVAS
OpenVAS
added 2015/11/08 12:0 a.m.47 views

Mageia: Security Advisory (MGASA-2015-0418)

The remote host is missing an update for the SPDX-FileCopyrightText: 2015 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...

9.8CVSS8.5AI score0.31068EPSS
Exploits4References5
FreeBSD Advisory
FreeBSD Advisory
added 2015/10/26 12:0 a.m.26 views

FreeBSD-SA-15:25.ntp

-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 ============================================================================= FreeBSD-SA-15:25.ntp Security Advisory The FreeBSD Project Topic: Multiple vulnerabilities of ntp REVISED Category: contrib Module: ntp Announced: 2015-10-26, revised on...

9.8CVSS6.9AI score0.81762EPSS
Exploits8
UbuntuCve
UbuntuCve
added 2015/10/22 12:0 a.m.27 views

CVE-2015-7853

The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service crash via a negative input value...

9.8CVSS7.1AI score0.11781EPSS
Exploits0References5
Tenable Nessus
Tenable Nessus
added 2015/10/22 12:0 a.m.49 views

FreeBSD : ntp -- 13 low- and medium-severity vulnerabilities (c4a18a12-77fc-11e5-a687-206a8a720317)

ntp.org reports : NTF's NTP Project has been notified of the following 13 low- and medium-severity vulnerabilities that are fixed in ntp-4.2.8p4, released on Wednesday, 21 October 2015 : - Bug 2941 CVE-2015-7871 NAK to the Future: Symmetric association authentication bypass via crypto-NAK Cisco...

9.8CVSS7AI score0.81762EPSS
Exploits8References19
Rows per page
Query Builder