Network Time Protocol CVE-2015-7848 Denial of Service Vulnerability



Network Time Protocol is prone to a denial-of-service vulnerability.

An attacker can leverage this issue to crash the affected application, denying service to legitimate users.

Information

Bugtraq ID: 77275
Class: Failure to Handle Exceptional Conditions
CVE: CVE-2015-7848

Remote: Yes
Local: No
Published: Oct 21 2015 12:00AM
Updated: May 10 2017 04:07PM
Credit: Aleksandar Nikolic of Cisco Talos
Vulnerable: Slackware Slackware Linux 14.1
Slackware Linux x86_64 -current
Slackware Linux 14.1 x86_64
Slackware Linux 14.0 x86_64
Slackware Linux 14.0
Slackware Linux 13.37 x86_64
Slackware Linux 13.37
Slackware Linux 13.1 x86_64
Slackware Linux 13.1
Slackware Linux 13.0 x86_64
Slackware Linux 13.0
Slackware Linux -current
Rockwell Automation Stratix 5900 0
NTP NTP 4.3.25
NTP NTP 4.3
NTP NTP 4.2.8
NTP NTP 4.2.6
NTP NTP 4.2.5 p74
NTP NTP 4.2.5 p150
NTP NTP 4.2.4 p7
NTP NTP 4.2.4 p6
NTP NTP 4.2.4 p5
NTP NTP 4.2.4 p4
NTP NTP 4.2.2 p4
NTP NTP 4.2.2 p1
NTP NTP 4.1.2
NTP NTP 4.3.70
NTP NTP 4.2.8p3
NTP NTP 4.2.8p2
NTP NTP 4.2.7p111
NTP NTP 4.2.7p11
NTP NTP 4.2.5p3
NTP NTP 4.2.5p186
NTP NTP 4.2.0.a
Juniper Junos OS 0
IBM QLogic Virtual Fabric Extension Module for IBM BladeCenter 9.0
IBM QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module 7.10
IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru 9.1.0.00
IBM DS8800 86.31.167.0 (R6.3)
IBM DS8800 0
IBM DS8700 87.51.14.X (R7.5)
IBM DS8700 87.41.17.X (R7.4)
IBM DS8700 76.31.143.0 (R6.3)
FreeBSD Freebsd 9.3-RELEASE-p9
FreeBSD FreeBSD 9.3-RELEASE-p6
FreeBSD FreeBSD 9.3-RELEASE-p5
FreeBSD FreeBSD 9.3-RELEASE-p3
FreeBSD Freebsd 9.3-RELEASE-p25
FreeBSD Freebsd 9.3-RELEASE-p24
FreeBSD Freebsd 9.3-RELEASE-p22
FreeBSD Freebsd 9.3-RELEASE-p21
FreeBSD FreeBSD 9.3-RELEASE-p2
FreeBSD Freebsd 9.3-RELEASE-p13
FreeBSD Freebsd 9.3-RELEASE-p10
FreeBSD FreeBSD 9.3-RELEASE-p1
FreeBSD FreeBSD 9.3-RC3-p1
FreeBSD FreeBSD 9.3-RC2-p1
FreeBSD FreeBSD 9.3-RC2
FreeBSD FreeBSD 9.3-RC1-p2
FreeBSD FreeBSD 9.3-RC
FreeBSD FreeBSD 9.3-PRERELEASE
FreeBSD FreeBSD 9.3-BETA3-p2
FreeBSD FreeBSD 9.3-BETA1-p2
FreeBSD FreeBSD 9.3-BETA1-p1
FreeBSD FreeBSD 9.3-BETA1
FreeBSD FreeBSD 9.3
FreeBSD Freebsd 10.2-RC2-p1
FreeBSD Freebsd 10.2-RC1-p2
FreeBSD Freebsd 10.2-RC1-p1
FreeBSD Freebsd 10.2-PRERELEASE
FreeBSD Freebsd 10.2-BETA2-p3
FreeBSD Freebsd 10.2-BETA2-p2
FreeBSD Freebsd 10.2
FreeBSD FreeBSD 10.1-STABLE
FreeBSD Freebsd 10.1-RELENG
FreeBSD Freebsd 10.1-RELEASE-p9
FreeBSD Freebsd 10.1-RELEASE-p6
FreeBSD Freebsd 10.1-RELEASE-p5
FreeBSD Freebsd 10.1-RELEASE-p19
FreeBSD Freebsd 10.1-RELEASE-p17
FreeBSD Freebsd 10.1-RELEASE-p16
FreeBSD FreeBSD 10.1-RELEASE-p1
FreeBSD Freebsd 10.1-RELEASE
FreeBSD FreeBSD 10.1-RC4-p1
FreeBSD FreeBSD 10.1-RC3-p1
FreeBSD FreeBSD 10.1-RC2-p3
FreeBSD FreeBSD 10.1-RC2-p1
FreeBSD FreeBSD 10.1-RC1-p1
FreeBSD FreeBSD 10.1-PRERELEASE
FreeBSD FreeBSD 10.1-BETA3-p1
FreeBSD FreeBSD 10.1-BETA1-p1
FreeBSD FreeBSD 10.1
Extremenetworks Summit WM3000 Series 0
Extremenetworks Purview Appliance 6.3
Extremenetworks Purview Appliance 6.0
Extremenetworks NetSight Appliance 6.3
Extremenetworks NetSight Appliance 6.0
Extremenetworks NAC Appliance 6.3
Extremenetworks NAC Appliance 6.0
Extremenetworks ExtremeXOS 15.7.4
Extremenetworks ExtremeXOS 15.7.3 Patch 8
Extremenetworks ExtremeXOS 15.7.3 Patch 1
Extremenetworks ExtremeXOS 15.7.2
Extremenetworks ExtremeXOS 15.7
Extremenetworks ExtremeXOS 15.6.4
Extremenetworks ExtremeXOS 15.4.1.0
Extremenetworks ExtremeXOS 15.3


Not Vulnerable: Rockwell Automation Stratix 5900 15.6.3
NTP NTP 4.3.77
NTP NTP 4.2.8p4
IBM QLogic Virtual Fabric Extension Module for IBM BladeCenter 9.0.3.14.0
IBM QLogic 8Gb Intelligent Pass-thru Module and SAN Switch Module 7.10.1.37.00
IBM Flex System FC3171 8Gb SAN Switch and SAN Pass-thru 9.1.7.03.00
FreeBSD FreeBSD 9.3-STABLE
FreeBSD Freebsd 9.3-RELEASE-p29
FreeBSD Freebsd 10.2-STABLE
FreeBSD Freebsd 10.2-RELEASE-p6
FreeBSD Freebsd 10.1-RELEASE-p23
Extremenetworks Purview Appliance 6.4
Extremenetworks NetSight Appliance 6.4
Extremenetworks NAC Appliance 6.4
Extremenetworks ExtremeXOS 21.1
Extremenetworks ExtremeXOS 16.2


Exploit


Attackers can use standard commands to exploit this issue.


Related Posts