CVE-2015-7849
published 2017-08-07CVE-2015-7849: Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code…
PriorityP356high8.8CVSS 3.1
AVNACLPRLUINSUCHIHAH
EPSS
16.85%
96.7th percentile
Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
Affected
6 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | products_october_2015 | — | — |
| debian | ntp | < ntp 1:4.2.8p4+dfsg-1 (bullseye) | ntp 1:4.2.8p4+dfsg-1 (bullseye) |
| ntp | ntp | — | — |
| ntp | ntp | >= 0 < 1:4.2.8p4+dfsg-1 | 1:4.2.8p4+dfsg-1 |
| ntp | ntp | >= 4.2.0 < 4.2.8 | 4.2.8 |
| ntp | ntp | >= 4.3.0 < 4.3.77 | 4.3.77 |
CVSS provenance
nvdv3.18.8HIGHCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H
nvdv2.06.5MEDIUMAV:N/AC:L/Au:S/C:P/I:P/A:P
osv8.8HIGH
vendor_debian8.8HIGH
vendor_redhat8.8HIGH
vendor_cisco7.5HIGH
Stop checking back — get the weekly exploitation signal.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Rockwell Automation Stratix 5900
cisa_ics·2017-05-10
Rockwell Automation Stratix 5900
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Rockwell Automation Stratix 5900
Last RevisedMay 10, 2017
Alert CodeICSA-17-094-04
## CVSS v3 10.0
ATTENTION: Remotely exploitable/low skill level to exploit.
Vendor: Rockwell Automation
Equipment: Stratix 5900
Vulnerabilities: Improper Input Validation, Resource Management Errors, Improper Authentication, Path Traversal.
## REPOSTED INFORMATION
This advisory was originally posted to the NCCIC Portal on April 4, 2017, and is being released to the NCCIC/ICS-CERT web site.
## AFFECTED PRODUCTS
Rockwell Automation reports that these vulnerabilities affect the following Strat
BSD
FreeBSD-SA-15:25.ntp: Multiple vulnerabilities of ntp [REVISED]
bsd_advisories·2015-10-26·CVSS 7.5
CVE-2014-9750 [HIGH] FreeBSD-SA-15:25.ntp: Multiple vulnerabilities of ntp [REVISED]
FreeBSD-SA-15:25.ntp Security Advisory
The FreeBSD Project
Topic: Multiple vulnerabilities of ntp [REVISED]
Category: contrib
Module: ntp
Announced: 2015-10-26, revised on 2015-11-04
Credits: Network Time Foundation
Affects: All supported versions of FreeBSD.
Corrected: 2015-10-26 11:35:40 UTC (stable/10, 10.2-STABLE)
2015-11-04 11:27:13 UTC (releng/10.2, 10.2-RELEASE-p7)
2015-11-04 11:27:21 UTC (releng/10.1, 10.1-RELEASE-p24)
2015-11-02 10:39:26 UTC (stable/9, 9.3-STABLE)
2015-11-04 11:27:30 UTC (releng/9.3, 9.3-RELEASE-p30)
CVE Name: CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704,
CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851,
CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855,
CVE-2015-7871
For general information regarding FreeBSD Security Advisories
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco·2015-10-22·CVSS 7.5
CVE-2015-7691 [HIGH] CWE-119 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server.
On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows:
CVE-2015-7691 - Denial of Service AutoKey Malicious Message
C
Red Hat
ntp: trusted keys memory corruption vulnerability
vendor_redhat·2015-10-21·CVSS 8.8
CVE-2015-7849 [HIGH] CWE-416 ntp: trusted keys memory corruption vulnerability
ntp: trusted keys memory corruption vulnerability
Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
Statement: This issue did not affect the versions of ntp as shipped with Red Hat Enterprise Linux 5, 6, and 7 as these version do not include the affected code.
Package: ntp (Red Hat Enterprise Linux 5) - Not affected
Package: ntp (Red Hat Enterprise Linux 6) - Not affected
Package: ntp (Red Hat Enterprise Linux 7) - Not affected
Debian
CVE-2015-7849: ntp - Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x befo...
vendor_debian·2015·CVSS 8.8
CVE-2015-7849 [HIGH] CVE-2015-7849: ntp - Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x befo...
Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
Scope: local
bullseye: resolved (fixed in 1:4.2.8p4+dfsg-1)
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7852 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7852: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7871 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7871: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7850 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7850: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7704 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7704: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7855 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7855: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7853 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7853: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7851 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7851: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7705 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7705: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7849 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7849: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7703 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7703: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7854 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7854: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7702 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7702: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7701 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7701: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7691 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7691: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7848 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7848: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7692 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7692: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
GHSA
GHSA-47fj-2qv7-3xvh: Use-after-free vulnerability in ntpd in NTP 4
ghsa_unreviewed·2022-05-13
CVE-2015-7849 [HIGH] CWE-416 GHSA-47fj-2qv7-3xvh: Use-after-free vulnerability in ntpd in NTP 4
Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
OSV
CVE-2015-7849: Use-after-free vulnerability in ntpd in NTP 4
osv·2017-08-07·CVSS 8.8
CVE-2015-7849 [HIGH] CVE-2015-7849: Use-after-free vulnerability in ntpd in NTP 4
Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.
No detection rules found.
Talos
Cisco Identifies Multiple Vulnerabilities in Network Time Protocol daemon (ntpd)
blogs_talos·2015-10-21
Cisco Identifies Multiple Vulnerabilities in Network Time Protocol daemon (ntpd)
## Cisco Identifies Multiple Vulnerabilities in Network Time Protocol daemon (ntpd)
Cisco is committed to improving the overall security of the products and services our customers rely on. As part of this commitment, Cisco assesses the security of software components used in our products. Open source software plays a key role in many Cisco products and as a result, ensuring the security of open source software components is vital, especially in the wake of major vulnerabilities such as Heartbleed and Shellshock.
In April 2014, the Linux Foundation spearheaded the creation of the Core Infrastructure Initiative in response to the disclosure of Heartbleed with the goal of securing open source projects that are widely used on the internet. As a member of the Linux Foundation Core Infrastruct
Talos
Cisco Identifies Multiple Vulnerabilities in Network Time Protocol daemon (ntpd)
blogs_talos·2015-10-21
Cisco Identifies Multiple Vulnerabilities in Network Time Protocol daemon (ntpd)
Cisco is committed to improving the overall security of the products and services our customers rely on. As part of this commitment, Cisco assesses the security of software components used in our products. Open source software plays a key role in many Cisco products and as a result, ensuring the security of open source software components is vital, especially in the wake of major vulnerabilities such as Heartbleed and Shellshock.
In April 2014, the Linux Foundation spearheaded the creation of the Core Infrastructure Initiative in response to the disclosure of Heartbleed with the goal of securing open source projects that are widely used on the internet. As a member of the Linux Foundation Core Infrastructure Initiative (CII) Steering Group, Cisco is contributing to the CII effort by evalu
Bugzilla
CVE-2015-7849 ntp: trusted keys memory corruption vulnerability
bugzilla·2015-10-22·CVSS 8.8
CVE-2015-7849 [HIGH] CVE-2015-7849 ntp: trusted keys memory corruption vulnerability
CVE-2015-7849 ntp: trusted keys memory corruption vulnerability
The following flaw was found in ntpd:
An exploitable use-after-free vulnerability exists in the password management functionality of the Network Time Protocol. A specially crafted key file could cause a buffer overflow resulting in memory corruption. An attacker could provide a malicious password file to trigger this vulnerability.
External References:
http://talosintel.com/reports/TALOS-2015-0054/
http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
Discussion:
Statement:
This issue did not affect the versions of ntp as shipped with Red Hat Enterprise Linux 5, 6, and 7 as these version do not include the affected code.
---
Upstream patch:
https://github.com/ntp-project/ntp/commit/1bb4
http://support.ntp.org/bin/view/Main/NtpBug2916http://www.securityfocus.com/bid/77276http://www.securitytracker.com/id/1033951https://bugzilla.redhat.com/show_bug.cgi?id=1274257https://security.gentoo.org/glsa/201607-15https://security.netapp.com/advisory/ntap-20171004-0001/http://support.ntp.org/bin/view/Main/NtpBug2916http://www.securityfocus.com/bid/77276http://www.securitytracker.com/id/1033951https://bugzilla.redhat.com/show_bug.cgi?id=1274257https://security.gentoo.org/glsa/201607-15https://security.netapp.com/advisory/ntap-20171004-0001/
2017-08-07
Published