Cyberthreat Blog, Author at Cyberthreat Blog from Fortify24x7 Page 27334 of 28407

CVE-2015-7849

Posted by Cyberthreat Blog | Aug 7, 2017 | CVE Notifications |

Use-after-free vulnerability in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to possibly execute arbitrary code or cause a denial of service (crash) via crafted packets.

CVE-2015-7705

Posted by Cyberthreat Blog | Aug 7, 2017 | CVE Notifications |

The rate limiting feature in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to have unspecified impact via a large number of crafted requests.

CVE-2015-7704

Posted by Cyberthreat Blog | Aug 7, 2017 | CVE Notifications |

The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted “KOD” messages.

CVE-2015-7701

Posted by Cyberthreat Blog | Aug 7, 2017 | CVE Notifications |

Memory leak in the CRYPTO_ASSOC function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (memory consumption).

CVE-2015-7853

Posted by Cyberthreat Blog | Aug 7, 2017 | CVE Notifications |

The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.

Author: Cyberthreat Blog

CVE-2015-7849

CVE-2015-7705

CVE-2015-7704

CVE-2015-7701

CVE-2015-7853