CVE-2015-7855
published 2017-08-07CVE-2015-7855: The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure)…
PriorityP344medium6.5CVSS 3.1
AVNACLPRLUINSUCNINAH
EXPLOIT
EPSS
31.07%
98.0th percentile
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
Affected
10 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| cisco | products_october_2015 | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | debian_linux | — | — |
| debian | ntp | < ntp 1:4.2.8p4+dfsg-1 (bullseye) | ntp 1:4.2.8p4+dfsg-1 (bullseye) |
| ntp | ntp | — | — |
| ntp | ntp | >= 0 < 1:4.2.8p4+dfsg-1 | 1:4.2.8p4+dfsg-1 |
| ntp | ntp | >= 0 < 1:4.2.6.p5+dfsg-3ubuntu2.14.04.5 | 1:4.2.6.p5+dfsg-3ubuntu2.14.04.5 |
| ntp | ntp | >= 4.2.0 < 4.2.8 | 4.2.8 |
| ntp | ntp | >= 4.3.0 < 4.3.77 | 4.3.77 |
Detection & IOCsextracted from sources · hover to see the quote
bytes↗
\x16\x0a\x00\x02\x00\x00\x00\x00\x00\x00\x00\xa0\x6e\x6f\x6e\x63\x65\x3d\x64\x61\x33\x64\x35\x64\x30\x66\x66\x38\x30\x38\x31\x65\x63\x38\x33\x35\x32\x61\x32\x32\x38\x36\x2c\x20\x66\x72\x61\x67\x73\x3d\x33\x32\x2c\x20\x6c\x61\x64\x64\x72\x3d\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39\x39
- →Trigger is a mode 6 or mode 7 NTP packet (first byte 0x16 = mode 6) with an oversized `laddr=` field containing a long numeric string sent over UDP/123 — look for NTP control packets with unusually large data payloads targeting the decodenetnum() code path. ↗
- →The vulnerability is exposed only when the `mrulist` feature is active in ntpd; detection should focus on environments where mrulist/mode-6 queries are permitted from remote hosts. ↗
- →Crash manifests as an assertion failure inside decodenetnum() — monitor ntpd process for unexpected termination or assertion-failure log messages as a host-based detection signal. ↗
- ·The vulnerability only affects ntpd instances that expose the mrulist feature (mode 6/7 queries); Red Hat Enterprise Linux 5, 6, and 7 ship without this feature and are not affected. ↗
CVSS provenance
nvdv3.16.5MEDIUMCVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
nvdv2.04.0MEDIUMAV:N/AC:L/Au:S/C:N/I:N/A:P
osv6.5MEDIUM
vendor_cisco7.5HIGH
vendor_debian6.5MEDIUM
vendor_redhat6.5MEDIUM
vendor_ubuntu5.3MEDIUM
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
CISA ICS
Siemens TIM 4R-IE Devices
cisa_ics·2021-04-13·CVSS 7.5
[HIGH] Siemens TIM 4R-IE Devices
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Siemens TIM 4R-IE Devices
Last RevisedApril 13, 2021
Alert CodeICSA-21-103-11
## 1. EXECUTIVE SUMMARY
- CVSS v3 9.8
- ATTENTION: Exploitable remotely/low attack complexity
- Vendor: Siemens
- Equipment: TIM 4R-IE
- Vulnerabilities: Incorrect Type Conversion or Cast, Improper Input Validation, Improper Authentication, Security Features, Null Pointer Dereference, Data Processing Errors, Exposure of Sensitive Information to an Unauthorized Actor, Race Condition
## 2. RISK EVALUATION
Successful exploitation of these vulnerabilities could compromise the confidentiality, integri
CISA ICS
Siemens RUGGEDCOM ROX-based Devices NTP Vulnerabilities
cisa_ics·2018-08-27
Siemens RUGGEDCOM ROX-based Devices NTP Vulnerabilities
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Siemens RUGGEDCOM ROX-based Devices NTP Vulnerabilities
Last RevisedAugust 27, 2018
Alert CodeICSA-15-356-01
## OVERVIEW
Siemens has reported to NCCIC/ICS-CERT that NTP daemon vulnerabilities exist in the Siemens RUGGEDCOM ROX-based devices. Siemens has produced firmware updates to mitigate these vulnerabilities.
These vulnerabilities could be exploited remotely.
## AFFECTED PRODUCTS
The following Siemens RUGGEDCOM ROX versions are affected when NTP service is activated:
- ROX II: All versions prior to 2.9.0, and
- ROX I: All versions.
The NTP service is deactivated on ROX
CISA ICS
Rockwell Automation Stratix 5900
cisa_ics·2017-05-10
Rockwell Automation Stratix 5900
## Archived Content In an effort to keep CISA.gov current, the archive contains outdated information that may not reflect current policy or programs.
ICS Advisory
##
Rockwell Automation Stratix 5900
Last RevisedMay 10, 2017
Alert CodeICSA-17-094-04
## CVSS v3 10.0
ATTENTION: Remotely exploitable/low skill level to exploit.
Vendor: Rockwell Automation
Equipment: Stratix 5900
Vulnerabilities: Improper Input Validation, Resource Management Errors, Improper Authentication, Path Traversal.
## REPOSTED INFORMATION
This advisory was originally posted to the NCCIC Portal on April 4, 2017, and is being released to the NCCIC/ICS-CERT web site.
## AFFECTED PRODUCTS
Rockwell Automation reports that these vulnerabilities affect the following Strat
Ubuntu
NTP vulnerabilities
vendor_ubuntu·2015-10-27·CVSS 5.3
CVE-2015-5146 [MEDIUM] NTP vulnerabilities
Title: NTP vulnerabilities
Summary: Several security issues were fixed in NTP.
Aleksis Kauppinen discovered that NTP incorrectly handled certain remote
config packets. In a non-default configuration, a remote authenticated
attacker could possibly use this issue to cause NTP to crash, resulting in
a denial of service. (CVE-2015-5146)
Miroslav Lichvar discovered that NTP incorrectly handled logconfig
directives. In a non-default configuration, a remote authenticated attacker
could possibly use this issue to cause NTP to crash, resulting in a denial
of service. (CVE-2015-5194)
Miroslav Lichvar discovered that NTP incorrectly handled certain statistics
types. In a non-default configuration, a remote authenticated attacker
could possibly use this issue to cause NTP to crash, resulting in a
BSD
FreeBSD-SA-15:25.ntp: Multiple vulnerabilities of ntp [REVISED]
bsd_advisories·2015-10-26·CVSS 7.5
CVE-2014-9750 [HIGH] FreeBSD-SA-15:25.ntp: Multiple vulnerabilities of ntp [REVISED]
FreeBSD-SA-15:25.ntp Security Advisory
The FreeBSD Project
Topic: Multiple vulnerabilities of ntp [REVISED]
Category: contrib
Module: ntp
Announced: 2015-10-26, revised on 2015-11-04
Credits: Network Time Foundation
Affects: All supported versions of FreeBSD.
Corrected: 2015-10-26 11:35:40 UTC (stable/10, 10.2-STABLE)
2015-11-04 11:27:13 UTC (releng/10.2, 10.2-RELEASE-p7)
2015-11-04 11:27:21 UTC (releng/10.1, 10.1-RELEASE-p24)
2015-11-02 10:39:26 UTC (stable/9, 9.3-STABLE)
2015-11-04 11:27:30 UTC (releng/9.3, 9.3-RELEASE-p30)
CVE Name: CVE-2015-7701, CVE-2015-7702, CVE-2015-7703, CVE-2015-7704,
CVE-2015-7848, CVE-2015-7849, CVE-2015-7850, CVE-2015-7851,
CVE-2015-7852, CVE-2015-7853, CVE-2015-7854, CVE-2015-7855,
CVE-2015-7871
For general information regarding FreeBSD Security Advisories
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco·2015-10-22·CVSS 7.5
CVE-2015-7691 [HIGH] CWE-119 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server.
On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows:
CVE-2015-7691 - Denial of Service AutoKey Malicious Message
C
Red Hat
ntp: ASSERT in decodenetnum() on invalid values
vendor_redhat·2015-10-21·CVSS 6.5
CVE-2015-7855 [MEDIUM] ntp: ASSERT in decodenetnum() on invalid values
ntp: ASSERT in decodenetnum() on invalid values
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
Statement: This issue did not affect the versions of ntp as shipped with Red Hat Enterprise Linux 5, 6, and 7 as they do not include support for the mrulist feature, which exposes the decodenetnum() function.
Package: ntp (Red Hat Enterprise Linux 5) - Not affected
Package: ntp (Red Hat Enterprise Linux 6) - Not affected
Package: ntp (Red Hat Enterprise Linux 7) - Not affected
Debian
CVE-2015-7855: ntp - The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before ...
vendor_debian·2015·CVSS 6.5
CVE-2015-7855 [MEDIUM] CVE-2015-7855: ntp - The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before ...
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
Scope: local
bullseye: resolved (fixed in 1:4.2.8p4+dfsg-1)
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7852 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7852: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7871 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7871: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7850 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7850: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7704 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7704: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7855 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7855: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7853 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7853: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7851 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7851: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7705 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7705: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7849 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7849: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7703 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7703: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7854 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7854: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7702 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7702: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7701 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7701: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7691 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7691: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7848 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7848: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
Cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
vendor_cisco
CVE-2015-7692 Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
CVE-2015-7692: Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time. The vulnerabilities covered in this document are as follows: CVE-2015-7691 - Denial of Service AutoKey Malicio
GHSA
GHSA-wmrv-mc39-vj78: The decodenetnum function in ntpd in NTP 4
ghsa_unreviewed·2022-05-13
CVE-2015-7855 [MEDIUM] CWE-20 GHSA-wmrv-mc39-vj78: The decodenetnum function in ntpd in NTP 4
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
OSV
CVE-2015-7855: The decodenetnum function in ntpd in NTP 4
osv·2017-08-07·CVSS 6.5
CVE-2015-7855 [MEDIUM] CVE-2015-7855: The decodenetnum function in ntpd in NTP 4
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
OSV
ntp vulnerabilities
osv·2015-10-27·CVSS 5.3
CVE-2015-5146 [MEDIUM] ntp vulnerabilities
ntp vulnerabilities
Aleksis Kauppinen discovered that NTP incorrectly handled certain remote
config packets. In a non-default configuration, a remote authenticated
attacker could possibly use this issue to cause NTP to crash, resulting in
a denial of service. (CVE-2015-5146)
Miroslav Lichvar discovered that NTP incorrectly handled logconfig
directives. In a non-default configuration, a remote authenticated attacker
could possibly use this issue to cause NTP to crash, resulting in a denial
of service. (CVE-2015-5194)
Miroslav Lichvar discovered that NTP incorrectly handled certain statistics
types. In a non-default configuration, a remote authenticated attacker
could possibly use this issue to cause NTP to crash, resulting in a denial
of service. (CVE-2015-5195)
Miroslav Lichvar discove
No detection rules found.
Bugzilla
CVE-2015-7855 ntp: ASSERT in decodenetnum() on invalid values [fedora-all]
bugzilla·2016-01-06·CVSS 6.5
CVE-2015-7855 [MEDIUM] CVE-2015-7855 ntp: ASSERT in decodenetnum() on invalid values [fedora-all]
CVE-2015-7855 ntp: ASSERT in decodenetnum() on invalid values [fedora-all]
This is an automatically created tracking bug! It was created to ensure
that one or more security vulnerabilities are fixed in affected versions
of Fedora.
For comments that are specific to the vulnerability please use bugs filed
against the "Security Response" product referenced in the "Blocks" field.
For more information see:
http://fedoraproject.org/wiki/Security/TrackingBugs
When submitting as an update, use the fedpkg template provided in the next
comment(s). This will include the bug IDs of this tracking bug as well as
the relevant top-level CVE bugs.
Please also mention the CVE IDs being fixed in the RPM changelog and the
fedpkg commit message.
NOTE: this issue affects multiple supported versions of Fed
Bugzilla
CVE-2015-7855 ntp: ASSERT in decodenetnum() on invalid values
bugzilla·2015-10-22·CVSS 6.5
CVE-2015-7855 [MEDIUM] CVE-2015-7855 ntp: ASSERT in decodenetnum() on invalid values
CVE-2015-7855 ntp: ASSERT in decodenetnum() on invalid values
It was found that NTP's decodenetnum() would abort with an assertion failure when processing a mode 6 or mode 7 packet containing an unusually long data value where a network address was expected. This could allow an authenticated attacker to crash ntpd.
External References:
https://github.com/ntp-project/ntp/blob/stable/NEWS#L295
http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
Discussion:
Upstream patch:
https://github.com/ntp-project/ntp/commit/ba716a464ecb20618560075f2e4e1051e5b6f24f
---
Created ntp tracking bugs for this issue:
Affects: fedora-all [bug 1296162]
---
Statement:
This issue did not affect the versions of ntp as shipped with Red Hat Enterprise Linux 5, 6, and 7 as
http://support.ntp.org/bin/view/Main/NtpBug2922http://www.debian.org/security/2015/dsa-3388http://www.securityfocus.com/bid/77283http://www.securitytracker.com/id/1033951https://bugzilla.redhat.com/show_bug.cgi?id=1274264https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdfhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839https://security.gentoo.org/glsa/201607-15https://security.netapp.com/advisory/ntap-20171004-0001/https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11https://www.exploit-db.com/exploits/40840/http://support.ntp.org/bin/view/Main/NtpBug2922http://www.debian.org/security/2015/dsa-3388http://www.securityfocus.com/bid/77283http://www.securitytracker.com/id/1033951https://bugzilla.redhat.com/show_bug.cgi?id=1274264https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdfhttps://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-c05270839https://security.gentoo.org/glsa/201607-15https://security.netapp.com/advisory/ntap-20171004-0001/https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11https://www.exploit-db.com/exploits/40840/
2017-08-07
Published