Showing 1 - 6 of 6

CVE-2015-7975

Status Candidate

Overview

The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash).

Related Files

HPE Security Bulletin HPESBHF03766 1: Posted Jul 20, 2017; Authored by Hewlett Packard Enterprise | Site hpe.com; HPE Security Bulletin HPESBHF03766 1 - Potential security vulnerabilities with NTP have been addressed for HPE network products including Comware 5 used in certain ConvergedSystem 700 solutions. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or unauthorized modification, or locally exploited resulting in Denial of Service (DoS). Revision 1 of this advisory.; tags | advisory, denial of service, vulnerability; advisories | CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7979, CVE-2015-8138, CVE-2015-8158; SHA-256 | 3edfee76e1994530da7a06fe189c9516c8fd4b472f41291e675135108bd439bc; Download | Favorite | View

HPE Security Bulletin HPESBHF03750 1: Posted May 26, 2017; Authored by Hewlett Packard Enterprise | Site hpe.com; HPE Security Bulletin HPESBHF03750 1 - Potential security vulnerabilities with NTP have been addressed for HPE network products including Comware 5, Comware 7 and VCX. The vulnerabilities could be remotely exploited resulting in Denial of Service (DoS) or unauthorized modification, or locally exploited resulting in Denial of Service (DoS). Revision 1 of this advisory.; tags | advisory, denial of service, vulnerability; advisories | CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7979, CVE-2015-8138, CVE-2015-8158; SHA-256 | 7f882c6324716b75cd78a8b4cab85a38448ce39540c3887364e56b39ae65a64d; Download | Favorite | View

Ubuntu Security Notice USN-3096-1: Posted Oct 5, 2016; Authored by Ubuntu | Site security.ubuntu.com; Ubuntu Security Notice 3096-1 - Aanchal Malhotra discovered that NTP incorrectly handled authenticated broadcast mode. A remote attacker could use this issue to perform a replay attack. Matt Street discovered that NTP incorrectly verified peer associations of symmetric keys. A remote attacker could use this issue to perform an impersonation attack. Jonathan Gardner discovered that the NTP ntpq utility incorrectly handled memory. An attacker could possibly use this issue to cause ntpq to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. Various other issues were also addressed.; tags | advisory, remote, denial of service; systems | linux, ubuntu; advisories | CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7976, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8138, CVE-2015-8158, CVE-2016-0727, CVE-2016-1547, CVE-2016-1548, CVE-2016-1550, CVE-2016-2516, CVE-2016-2518, CVE-2016-4954, CVE-2016-4955, CVE-2016-4956; SHA-256 | b8f300fae17a52f76a9e98de101486d8e3686770df1e46d25f5d8739810e8276; Download | Favorite | View

Gentoo Linux Security Advisory 201607-15: Posted Jul 21, 2016; Authored by Gentoo | Site security.gentoo.org; Gentoo Linux Security Advisory 201607-15 - Multiple vulnerabilities have been found in NTP, the worst of which could lead to Denial of Service. Versions less than 4.2.8_p8 are affected.; tags | advisory, denial of service, vulnerability; systems | linux, gentoo; advisories | CVE-2015-7691, CVE-2015-7692, CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704, CVE-2015-7705, CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851, CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855, CVE-2015-7871, CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7976, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8138, CVE-2015-8139, CVE-2015-8140, CVE-2015-8158, CVE-2016-1547; SHA-256 | 1cee38cbbf4cfcbee63ab9a3fb2cb62dbfa060e41bf33390b2adc1fcf92ddd84; Download | Favorite | View

Slackware Security Advisory - ntp Updates: Posted Feb 25, 2016; Authored by Slackware Security Team | Site slackware.com; Slackware Security Advisory - New ntp packages are available for Slackware 13.0, 13.1, 13.37, 14.0, 14.1, and -current to fix security issues.; tags | advisory; systems | linux, slackware; advisories | CVE-2015-5300, CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7976, CVE-2015-7977, CVE-2015-7978, CVE-2015-7979, CVE-2015-8138, CVE-2015-8158; SHA-256 | 37713e13555f43d3a710763934080ccf84cfd0f0cb9b3f3824fd084a85878b2c; Download | Favorite | View

FreeBSD Security Advisory - FreeBSD-SA-16:09.ntp: Posted Jan 27, 2016; Authored by Cisco ASIG / Network Time Foundation | Site security.freebsd.org; FreeBSD Security Advisory - Multiple vulnerabilities have been discovered in ntp 4.2.8p5.; tags | advisory, vulnerability; systems | freebsd, bsd; advisories | CVE-2015-7973, CVE-2015-7974, CVE-2015-7975, CVE-2015-7976; SHA-256 | 0012bd57d2a8406dd32930fabf358096ce959163c75bbf46f91070e3e7c213d8; Download | Favorite | View

Page 1 of 1 Back 1 Next

Top Authors In Last 30 Days

Red Hat 293 files
Ubuntu 63 files
Debian 33 files
Gentoo 28 files
LiquidWorm 10 files
nu11secur1ty 7 files
Adam Gowdiak 4 files
kai6u 3 files
gabe_k 3 files
liquidsky 3 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,036)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,495)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,567)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,739)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,489)
UNIX (9,397)
UnixWare (187)
Windows (6,656)
Other

CVE-2015-7975

Overview

Related Files

File Archive:

May 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems