CVE-2015-7976

CWE-254 CWE-20 — Improper Input Validation CWE-119 — Buffer Overflow CWE-200 — Information Exposure CWE-287 — Improper Authentication CWE-39911 documents10 sources

Severity

4.3MEDIUM

EPSS

3.2%

top 13.06%

CISA KEV

Not in KEV

Exploit

No known exploits

Affected products

NTP NTP Novell Suse Openstack Cloud Opensuse Leap +7 more

Timeline

PublishedJan 30

Latest updateMay 14

Description

The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.

CVSS vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:NExploitability: 2.8 | Impact: 1.4

Affected Packages11 packages

▶Debianntp< 1:4.2.8p7+dfsg-1

▶NVDntp/ntp4.2.8+91

▶NVDsuse/manager2.1

▶NVDopensuse/leap42.1

▶NVDopensuse/opensuse13.2

🔴Vulnerability Details

GHSA

GHSA-gh77-qwr7-pqm7: The ntpq saveconfig command in NTP 4↗2022-05-14

▶

OSV

CVE-2015-7976: The ntpq saveconfig command in NTP 4↗2017-01-30

▶

CVEList

CVE-2015-7976: The ntpq saveconfig command in NTP 4↗2017-01-30

▶

📋Vendor Advisories

Ubuntu

NTP vulnerabilities↗2016-10-05

▶

Cisco

Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: January 2016↗2016-01-28

▶

BSD

FreeBSD-SA-16:09.ntp: Multiple vulnerabilities of ntp↗2016-01-27

▶

Red Hat

ntp: 'ntpq saveconfig' command allows dangerous characters in filenames↗2016-01-20

▶

Debian

CVE-2015-7976: ntp - The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3...↗2015

▶

💬Community

Bugzilla

CVE-2015-7976 ntp: 'ntpq saveconfig' command allows dangerous characters in filenames↗2016-01-20

▶

Bugzilla

CVE-2015-7974 CVE-2015-8138 CVE-2015-7973 CVE-2015-7975 CVE-2015-7976 CVE-2015-7977 CVE-2015-7978 CVE-2015-7979 CVE-2015-8158 CVE-2015-8139 CVE-2015-8140 ntp: various flaws [fedora-all]↗2016-01-20

▶