Vulnerability Details : CVE-2015-7975
The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash).
Vulnerability category: OverflowDenial of service
Exploit prediction scoring system (EPSS) score for CVE-2015-7975
Probability of exploitation activity in the next 30 days: 0.24%
Percentile, the proportion of vulnerabilities that are scored at or less: ~ 62 % EPSS Score History EPSS FAQ
CVSS scores for CVE-2015-7975
| Base Score | Base Severity | CVSS Vector | Exploitability Score | Impact Score | Score Source |
|---|---|---|---|---|---|
|
2.1
|
LOW | AV:L/AC:L/Au:N/C:N/I:N/A:P |
3.9
|
2.9
|
NIST |
|
6.2
|
MEDIUM | CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H |
2.5
|
3.6
|
NIST |
CWE ids for CVE-2015-7975
-
The product performs operations on a memory buffer, but it can read from or write to a memory location that is outside of the intended boundary of the buffer.Assigned by: nvd@nist.gov (Primary)
References for CVE-2015-7975
-
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us
HPESBHF03766 rev.1 - HPE ConvergedSystem 700 Solution with Comware v5 Switches using NTP, Remote Denial of Service (DoS), Unauthorized Modification and Local Denial of Service (DoS)
-
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html
[security-announce] SUSE-SU-2016:1175-1: important: Security update forThird Party Advisory
-
http://www.securitytracker.com/id/1034782
ntp Multiple Flaws Let Remote Users Spoof Messages, Obtain Potentially Sensitive Information, and Deny Service - SecurityTrackerThird Party Advisory;VDB Entry
-
http://support.ntp.org/bin/view/Main/NtpBug2937
NtpBug2937 < Main < NTPVendor Advisory
-
https://bto.bluecoat.com/security-advisory/sa113
SA113 : January 2016 NTP Security VulnerabilitiesThird Party Advisory
-
https://security.gentoo.org/glsa/201607-15
NTP: Multiple vulnerabilities (GLSA 201607-15) — Gentoo securityThird Party Advisory
-
http://www.securityfocus.com/bid/81959
NTP CVE-2015-7975 Local Denial of Service VulnerabilityThird Party Advisory;VDB Entry
-
https://security.netapp.com/advisory/ntap-20171031-0001/
January 2016 Network Time Protocol Daemon (ntpd) Vulnerabilities in NetApp Products | NetApp Product Security
-
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html
[security-announce] SUSE-SU-2016:1177-1: important: Security update forThird Party Advisory
- https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
-
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html
[security-announce] openSUSE-SU-2016:1292-1: important: Security updateThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html
[security-announce] SUSE-SU-2016:1311-1: important: Security update forThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
[security-announce] SUSE-SU-2016:1912-1: important: Security update forThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
[security-announce] SUSE-SU-2016:2094-1: important: Security update forThird Party Advisory
-
https://www.kb.cert.org/vuls/id/718152
VU#718152 - NTP.org ntpd contains multiple vulnerabilitiesThird Party Advisory;US Government Resource
-
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd
Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products: January 2016Third Party Advisory
-
http://www.ubuntu.com/usn/USN-3096-1
USN-3096-1: NTP vulnerabilities | Ubuntu security noticesThird Party Advisory
-
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us
HPESBHF03750 rev.1 - HPE Network Products including Comware 5, Comware 7 and VCX running NTP, Remote Denial of Service (DoS), Unauthorized Modification, Local Denial of Service (DoS)
-
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
openSUSE-SU-2016:1423-1: moderate: Security update for ntpThird Party Advisory
-
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html
[security-announce] SUSE-SU-2016:1247-1: important: Security update forThird Party Advisory
Products affected by CVE-2015-7975
- cpe:2.3:a:ntp:ntp:*:p5:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.8:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.6:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.7:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.10:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.11:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.5:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.13:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.14:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.20:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.21:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.28:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.29:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.36:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.37:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.43:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.44:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.51:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.52:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.59:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.66:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.67:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.74:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.75:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.81:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.82:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.89:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.17:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.18:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.24:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.25:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.32:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.33:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.40:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.47:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.48:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.55:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.56:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.62:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.63:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.70:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.78:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.79:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.85:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.86:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.12:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.19:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.26:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.27:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.34:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.35:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.41:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.42:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.49:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.50:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.57:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.58:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.64:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.65:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.71:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.72:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.73:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.80:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.87:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.88:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.15:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.16:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.22:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.23:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.30:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.31:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.38:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.39:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.45:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.46:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.53:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.54:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.60:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.61:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.68:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.69:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.76:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.77:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.83:*:*:*:*:*:*:*
- cpe:2.3:a:ntp:ntp:4.3.84:*:*:*:*:*:*:*