CVE-2015-7871

Related Files

HP Security Bulletin HPSBHF03646 1

Posted Sep 21, 2016

Authored by HP | Site hp.com

HP Security Bulletin HPSBHF03646 1 - Potential security vulnerabilities in NTP have been addressed with HPE Comware 7 (CW7) network products. The vulnerabilities could be exploited remotely resulting in Denial of Service (DoS) or other impacts affecting integrity. Revision 1 of this advisory.

tags | advisory, denial of service, vulnerability

advisories | CVE-2015-7704, CVE-2015-7705, CVE-2015-7855, CVE-2015-7871

SHA-256 | 3e4a383f81b8f831a71fee10d049a8ec3ad082e9cef8cad751135dbe0d5d3940

Download | Favorite | View

Gentoo Linux Security Advisory 201607-15

Posted Jul 21, 2016

Authored by Gentoo | Site security.gentoo.org

Gentoo Linux Security Advisory 201607-15 - Multiple vulnerabilities have been found in NTP, the worst of which could lead to Denial of Service. Versions less than 4.2.8_p8 are affected.

tags | advisory, denial of service, vulnerability

systems | linux, gentoo

advisories | CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7705, CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851, CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855, CVE-2015-7871, CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7976, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8138, CVE-2015-8139, CVE-2015-8140, CVE-2015-8158, CVE-2016-1547

SHA-256 | 1cee38cbbf4cfcbee63ab9a3fb2cb62dbfa060e41bf33390b2adc1fcf92ddd84

Download | Favorite | View

Debian Security Advisory 3388-1

Posted Nov 2, 2015

Authored by Debian | Site debian.org

Debian Linux Security Advisory 3388-1 - Several vulnerabilities were discovered in the Network Time Protocol daemon and utility programs.

tags | advisory, vulnerability, protocol

systems | linux, debian

advisories | CVE-2014-9750, CVE-2014-9751, CVE-2015-3405, CVE-2015-5146, CVE-2015-5194, CVE-2015-5195, CVE-2015-5219, CVE-2015-5300, CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7850, CVE-2015-7852, CVE-2015-7855, CVE-2015-7871

SHA-256 | 4fac4f7e1a4e533ef9921e59f6edea64818b9257321c6c0272d58e5b47a7c5a7

Download | Favorite | View

Slackware Security Advisory - ntp Updates

Posted Oct 30, 2015

Authored by Slackware Security Team | Site slackware.com

Slackware Security Advisory - New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.

tags | advisory

systems | linux, slackware

advisories | CVE-2014-9750, CVE-2015-5196, CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7704, CVE-2015-7705, CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851, CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855, CVE-2015-7871

SHA-256 | 9e1563e5450015846758e7398735030c758bd3179e6f25263eca88eb9ad6257b

Download | Favorite | View

Ubuntu Security Notice USN-2783-1

Posted Oct 27, 2015

Authored by Ubuntu | Site security.ubuntu.com

Ubuntu Security Notice 2783-1 - Aleksis Kauppinen discovered that NTP incorrectly handled certain remote config packets. In a non-default configuration, a remote authenticated attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. Miroslav Lichvar discovered that NTP incorrectly handled logconfig directives. In a non-default configuration, a remote authenticated attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. Various other issues were also addressed.

tags | advisory, remote, denial of service

systems | linux, ubuntu

advisories | CVE-2015-5146, CVE-2015-5194, CVE-2015-5195, CVE-2015-5196, CVE-2015-5219, CVE-2015-5300, CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7705, CVE-2015-7850, CVE-2015-7852, CVE-2015-7853, CVE-2015-7855, CVE-2015-7871

SHA-256 | 8debc928995cb2a3718e301aeb27ac0484aa5e83482836add27bb9e46982d590

Download | Favorite | View

FreeBSD Security Advisory - ntp Authentication Bypass

Posted Oct 26, 2015

Site security.freebsd.org

FreeBSD Security Advisory - Crypto-NAK packets can be used to cause ntpd(8) to accept time from an unauthenticated ephemeral symmetric peer by bypassing the authentication required to mobilize peer associations. FreeBSD 9.3 and 10.1 are not affected. Various other issues have also been addressed.

tags | advisory, cryptography

systems | freebsd

advisories | CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851, CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855, CVE-2015-7871

SHA-256 | 97daf08486cc4c8cc8703eb625aea225e01f9a851cedc0e7f504b4776cf765dc

Download | Favorite | View

Cisco Security Advisory 20151021-ntp

Posted Oct 21, 2015

Authored by Cisco Systems | Site cisco.com

Cisco Security Advisory - Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time.

tags | advisory, remote, denial of service, vulnerability, protocol, info disclosure

systems | cisco

advisories | CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7705, CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851, CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855, CVE-2015-7871

SHA-256 | 6ebc284ba57243b45f2bce8db6f2a2f67c881ca4c1e93c7fa6a8b5eff989e55a

Download | Favorite | View