CVE-2015-7979

NTP before 4.2.8p6 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (client-server association tear down) by sending broadcast packets with invalid authentication to a broadcast client.
References
Link Resource
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1552.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2583.html
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd Third Party Advisory
http://www.debian.org/security/2016/dsa-3629 Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.securityfocus.com/bid/81816 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034782 Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-3096-1 Third Party Advisory
https://access.redhat.com/errata/RHSA-2016:1141 Third Party Advisory
https://bto.bluecoat.com/security-advisory/sa113 Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
https://security.gentoo.org/glsa/201607-15 Third Party Advisory
https://security.netapp.com/advisory/ntap-20171031-0001/
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
https://www.kb.cert.org/vuls/id/718152 Third Party Advisory US Government Resource
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html Third Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html Third Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-1552.html Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2583.html
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd Third Party Advisory
http://www.debian.org/security/2016/dsa-3629 Third Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.securityfocus.com/bid/81816 Third Party Advisory VDB Entry
http://www.securitytracker.com/id/1034782 Third Party Advisory VDB Entry
http://www.ubuntu.com/usn/USN-3096-1 Third Party Advisory
https://access.redhat.com/errata/RHSA-2016:1141 Third Party Advisory
https://bto.bluecoat.com/security-advisory/sa113 Third Party Advisory
https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us
https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
https://security.gentoo.org/glsa/201607-15 Third Party Advisory
https://security.netapp.com/advisory/ntap-20171031-0001/
https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11
https://www.kb.cert.org/vuls/id/718152 Third Party Advisory US Government Resource
Configurations

Configuration 1 (hide)

OR cpe:2.3:a:ntp:ntp:*:p5:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.0:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.1:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.2:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.3:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.4:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.5:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.6:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.7:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.8:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.10:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.11:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.12:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.13:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.14:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.15:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.16:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.17:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.18:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.19:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.20:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.21:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.22:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.23:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.24:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.25:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.26:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.27:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.28:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.29:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.30:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.31:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.32:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.33:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.34:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.35:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.36:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.37:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.38:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.39:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.40:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.41:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.42:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.43:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.44:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.45:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.46:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.47:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.48:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.49:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.50:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.51:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.52:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.53:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.54:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.55:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.56:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.57:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.58:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.59:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.60:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.61:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.62:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.63:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.64:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.65:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.66:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.67:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.68:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.69:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.70:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.71:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.72:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.73:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.74:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.75:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.76:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.77:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.78:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.79:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.80:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.81:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.82:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.83:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.84:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.85:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.86:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.87:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.88:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.3.89:*:*:*:*:*:*:*

History

21 Nov 2024, 02:37

Type Values Removed Values Added
References () http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html - Third Party Advisory () http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html - Third Party Advisory
References () http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html - Third Party Advisory () http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html - Third Party Advisory
References () http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html - Third Party Advisory () http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html - Third Party Advisory
References () http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html - Third Party Advisory () http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html - Third Party Advisory
References () http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html - Third Party Advisory () http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html - Third Party Advisory
References () http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html - Third Party Advisory () http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html - Third Party Advisory
References () http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html - Third Party Advisory () http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html - Third Party Advisory
References () http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html - Third Party Advisory () http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html - Third Party Advisory
References () http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html - Third Party Advisory () http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html - Third Party Advisory
References () http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html - Third Party Advisory () http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html - Third Party Advisory
References () http://rhn.redhat.com/errata/RHSA-2016-1552.html - Third Party Advisory () http://rhn.redhat.com/errata/RHSA-2016-1552.html - Third Party Advisory
References () http://rhn.redhat.com/errata/RHSA-2016-2583.html - () http://rhn.redhat.com/errata/RHSA-2016-2583.html -
References () http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security - Vendor Advisory () http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security - Vendor Advisory
References () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd - Third Party Advisory () http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd - Third Party Advisory
References () http://www.debian.org/security/2016/dsa-3629 - Third Party Advisory () http://www.debian.org/security/2016/dsa-3629 - Third Party Advisory
References () http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html - () http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html -
References () http://www.securityfocus.com/bid/81816 - Third Party Advisory, VDB Entry () http://www.securityfocus.com/bid/81816 - Third Party Advisory, VDB Entry
References () http://www.securitytracker.com/id/1034782 - Third Party Advisory, VDB Entry () http://www.securitytracker.com/id/1034782 - Third Party Advisory, VDB Entry
References () http://www.ubuntu.com/usn/USN-3096-1 - Third Party Advisory () http://www.ubuntu.com/usn/USN-3096-1 - Third Party Advisory
References () https://access.redhat.com/errata/RHSA-2016:1141 - Third Party Advisory () https://access.redhat.com/errata/RHSA-2016:1141 - Third Party Advisory
References () https://bto.bluecoat.com/security-advisory/sa113 - Third Party Advisory () https://bto.bluecoat.com/security-advisory/sa113 - Third Party Advisory
References () https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf - () https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf -
References () https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us - () https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us -
References () https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us - () https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us -
References () https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc - () https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc -
References () https://security.gentoo.org/glsa/201607-15 - Third Party Advisory () https://security.gentoo.org/glsa/201607-15 - Third Party Advisory
References () https://security.netapp.com/advisory/ntap-20171031-0001/ - () https://security.netapp.com/advisory/ntap-20171031-0001/ -
References () https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11 - () https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11 -
References () https://www.kb.cert.org/vuls/id/718152 - Third Party Advisory, US Government Resource () https://www.kb.cert.org/vuls/id/718152 - Third Party Advisory, US Government Resource

Information

Published : 2017-01-30 21:59

Updated : 2024-11-21 02:37


NVD link : CVE-2015-7979

Mitre link : CVE-2015-7979

CVE.ORG link : CVE-2015-7979


JSON object : View

Products Affected

ntp

  • ntp
CWE
CWE-19

Data Processing Errors