Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

debian логотип

CVE-2015-7848

Опубликовано: 06 янв. 2017
Источник: debian
EPSS Низкий

Описание

An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP daemon, it leads to an immediate crash.

Пакеты

ПакетСтатусВерсия исправленияРелизТип
ntpfixed1:4.2.8p4+dfsg-1package
ntpnot-affectedjessiepackage
ntpnot-affectedwheezypackage
ntpnot-affectedsqueezepackage

Примечания

  • http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner

  • https://github.com/ntp-project/ntp/commit/c04c3d3d940dfe1a53132925c4f51aef017d2e0f

EPSS

Процентиль: 79%
0.01262
Низкий

Связанные уязвимости

ubuntu логотип

CVE-2015-7848

CVSS3: 7.5
ubuntu
около 9 лет назад

An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP daemon, it leads to an immediate crash.

redhat логотип

CVE-2015-7848

redhat
больше 10 лет назад

An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP daemon, it leads to an immediate crash.

nvd логотип

CVE-2015-7848

CVSS3: 7.5
nvd
около 9 лет назад

An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP daemon, it leads to an immediate crash.

github логотип

GHSA-wpfq-v5vr-q6vg

CVSS3: 7.5
github
больше 3 лет назад

An integer overflow can occur in NTP-dev.4.3.70 leading to an out-of-bounds memory copy operation when processing a specially crafted private mode packet. The crafted packet needs to have the correct message authentication code and a valid timestamp. When processed by the NTP daemon, it leads to an immediate crash.

suse-cvrf логотип

openSUSE-SU-2015:2016-1

suse-cvrf
около 10 лет назад

Security update for ntp

EPSS

Процентиль: 79%
0.01262
Низкий