CVE-2015-7852
ntp: ntpq atoascii memory corruption vulnerability
Severity Score
Exploit Likelihood
Affected Versions
46Public Exploits
0Exploited in Wild
-Decision
Descriptions
ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.
ntpd en NTP 4.2.x en versiones anteriores a 4.2.8p4, y 4.3.x en versiones anteriores a 4.3.77 permite que atacantes remotos provoquen una denegaciĆ³n de servicio empleando paquetes de respuesta en modo 6 manipulados.
An off-by-one flaw, leading to a buffer overflow, was found in cookedprint functionality of ntpq. A specially crafted NTP packet could potentially cause ntpq to crash.
Multiple Cisco products incorporate a version of the ntpd package. Versions of this package are affected by one or more vulnerabilities that could allow an unauthenticated, remote attacker to create a denial of service (DoS) condition or modify the time being advertised by a device acting as a network time protocol (NTP) server. On October 21st, 2015, NTP.org released a security advisory detailing 13 issues regarding multiple DoS vulnerabilities, information disclosure vulnerabilities, and logic issues that may result in an attacker gaining the ability to modify an NTP server's advertised time.
CVSS Scores
SSVC
- Decision:-
Timeline
- 2015-10-16 CVE Reserved
- 2015-10-21 CVE Published
- 2024-08-06 CVE Updated
- 2025-03-30 EPSS Updated
- ---------- Exploited in Wild
- ---------- KEV Due Date
- ---------- First Exploit
CWE
- CWE-20: Improper Input Validation
- CWE-193: Off-by-one Error
CAPEC
References (11)
| URL | Tag | Source |
|---|---|---|
| http://www.oracle.com/technetwork/topics/security/linuxbulletinap... | Third Party Advisory |
|
| http://www.securityfocus.com/bid/77288 | Third Party Advisory | |
| http://www.securitytracker.com/id/1033951 | Third Party Advisory | |
| https://security.netapp.com/advisory/ntap-20171004-0001 | Third Party Advisory |
|
| URL | Date | SRC |
|---|
| URL | Date | SRC |
|---|---|---|
| http://rhn.redhat.com/errata/RHSA-2016-0780.html | 2020-06-18 | |
| http://rhn.redhat.com/errata/RHSA-2016-2583.html | 2020-06-18 | |
| http://www.debian.org/security/2015/dsa-3388 | 2020-06-18 | |
| https://security.gentoo.org/glsa/201607-15 | 2020-06-18 | |
| https://access.redhat.com/security/cve/CVE-2015-7852 | 2016-11-03 | |
| https://bugzilla.redhat.com/show_bug.cgi?id=1274261 | 2016-11-03 |