13 matches found
K17515: NTP vulnerability CVE-2015-7855
Security Advisory Description The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service assertion failure via a 6 or mode 7 packet containing a long data value. CVE-2015-7855 Impact A locally authenticated user may ...
SUSE CVE-2015-7855
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service assertion failure via a 6 or mode 7 packet containing a long data value...
Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-2066)
The remote host is missing an update for the Huawei EulerOS SPDX-FileCopyrightText: 2020 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only ifdescription...
EulerOS 2.0 SP3 : ntp (EulerOS-SA-2019-2066)
According to the versions of the ntp packages installed, the EulerOS installation on the remote host is affected by the following vulnerabilities : - The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number o...
EulerOS Virtualization 3.0.1.0 : ntp (EulerOS-SA-2019-1557)
According to the versions of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - It was found that ntpd did not check whether a Message Authentication Code MAC was present in a received packet when ntpd was...
EulerOS Virtualization 2.5.3 : ntp (EulerOS-SA-2019-1230)
According to the versions of the ntp packages installed, the EulerOS Virtualization installation on the remote host is affected by the following vulnerabilities : - The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special...
Code injection
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service assertion failure via a 6 or mode 7 packet containing a long data value...
CVE-2015-7855
CVE-2015-7855 affects ntpd in NTP 4.2.x before 4.2.8p4 and 4.3.x before 4.3.77. The decodenetnum() function can assert-botch when processing mode 6 or mode 7 packets with an unusually long data value, enabling a remote attacker to cause ntpd to crash (denial of service). Public references indicat...
NTP.org 'ntpd' 'decodenetnum' And 'loop counter underrun' DoS Vulnerabilities
NTP.org SPDX-FileCopyrightText: 2016 Greenbone AG Some text descriptions might be excerpted from a referenced sources, and are Copyright C by the respective right holders. SPDX-License-Identifier: GPL-2.0-only CPE = "cpe:/a:ntp:ntp"; ifdescription scriptoid"1.3.6.1.4.1.25623.1.0.810221";...
F5 Networks BIG-IP : NTP vulnerability (K17515)
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service assertion failure via a 6 or mode 7 packet containing a long data value. CVE-2015-7855 Impact A locally authenticated user may be able to disrupt ntpd...
Network Time Protocol Daemon decodenetnum Assertion Failure (CVE-2015-7855)
A denial-of-service vulnerability exists in the Network Time Protocol daemon NTPD. The vulnerability is due to an assertion failure that can occur in decodenetnum when NTPD receives certain crafted packets. A remote, authenticated attacker can exploit this vulnerability by sending a crafted NTP...
CVE-2015-7855
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service assertion failure via a 6 or mode 7 packet containing a long data value...
PT-2015-6804 · Ntf +6 · Ntp +6
Name of the Vulnerable Software and Affected Versions: NTP versions prior to 4.2.7p366 Description: The issue allows remote attackers to cause a denial of service, potentially via a crafted NTP packet. This is due to improper type conversions from a precision value to a double in the ULOGTOD...