Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x
before 4.3.77 allows remote authenticated users to possibly execute
arbitrary code or cause a denial of service (crash) via crafted packets.
Author | Note |
---|---|
mdeslaur | precise to wily don’t look vulnerable |
blog.talosintel.com/2015/10/ntpd-vulnerabilities.html
support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
talosintel.com/reports/TALOS-2015-0054/
launchpad.net/bugs/cve/CVE-2015-7849
nvd.nist.gov/vuln/detail/CVE-2015-7849
security-tracker.debian.org/tracker/CVE-2015-7849
www.cve.org/CVERecord?id=CVE-2015-7849