CVE-2015-7704
published 2017-08-07CVE-2015-7704: The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
high7.5CVSS 3.0
AVNACLPRNUINSUCNINAH
The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.
Affected
63 ranges· showing 25
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| canonical | ubuntu_linux | — | — |
| cisco | products_october_2015 | — | — |
| citrix | citrix_adm | — | — |
| citrix | citrix_hypervisor | — | — |
| citrix | citrix_virtual_apps_and_desktops | — | — |
| citrix | endpoint_management | — | — |
| citrix | netscaler_adc | — | — |
| citrix | netscaler_gateway | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| citrix | xenserver | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | ntp | < ntp 1:4.2.8p4+dfsg-3 (bullseye) | ntp 1:4.2.8p4+dfsg-3 (bullseye) |
| debian | ntp | < ntp 1:4.2.8p11+dfsg-1 (bullseye) | ntp 1:4.2.8p11+dfsg-1 (bullseye) |
| debian | ntpsec | < ntp 1:4.2.8p11+dfsg-1 (bullseye) | ntp 1:4.2.8p11+dfsg-1 (bullseye) |
| mcafee | enterprise_security_manager | < 10.4.0 | 10.4.0 |
| mcafee | enterprise_security_manager | >= 11.0.0 < 11.2.0 | 11.2.0 |
| ntp | ntp | — | — |
CVSS provenance
nvdv3.07.5HIGHCVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvdv3.17.5HIGHCVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
osv7.5HIGH