Netapp

Data Ontap

33 vulnerabilities found.

Hinweis: Diese Liste kann unvollständig sein. Daten werden ohne Gewähr im Ursprungsformat bereitgestellt.
7.5

CVE-2018-18066

Exploit
  • EPSS 0.59%
  • Published 08.10.2018 18:29:00
  • Last modified 06.05.2025 15:15:54

snmp_oid_compare in snmplib/snmp_api.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an unauthenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

6.5

CVE-2018-18065

Exploit
  • EPSS 4.29%
  • Published 08.10.2018 18:29:00
  • Last modified 21.11.2024 03:55:25

_set_key in agent/helpers/table_container.c in Net-SNMP before 5.8 has a NULL Pointer Exception bug that can be used by an authenticated attacker to remotely cause the instance to crash via a crafted UDP packet, resulting in Denial of Service.

5.3

CVE-2018-15473

Exploit
  • EPSS 90.29%
  • Published 17.08.2018 19:29:00
  • Last modified 21.11.2024 03:50:53

OpenSSH through 7.7 is prone to a user enumeration vulnerability due to not delaying bailout for an invalid authenticating user until after the packet containing the request has been fully parsed, related to auth2-gss.c, auth2-hostbased.c, and auth2-...

9.8

CVE-2015-7746

  • EPSS 0.64%
  • Published 01.09.2017 13:29:00
  • Last modified 20.04.2025 01:37:25

NetApp Data ONTAP before 8.2.4, when operating in 7-Mode, allows remote attackers to bypass authentication and (1) obtain sensitive information from or (2) modify volumes via vectors related to UTF-8 in the volume language.

5.9

CVE-2017-12859

  • EPSS 0.59%
  • Published 18.08.2017 16:29:00
  • Last modified 20.04.2025 01:37:25

NetApp Data ONTAP before 8.2.5, when operating in 7-Mode in NFS environments, allows remote attackers to cause a denial of service via unspecified vectors.

6.5

CVE-2015-7855

Exploit
  • EPSS 60.88%
  • Published 07.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.

9.8

CVE-2015-7871

  • EPSS 76.65%
  • Published 07.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.

8.8

CVE-2015-7854

  • EPSS 4.19%
  • Published 07.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.

9.8

CVE-2015-7853

  • EPSS 20.96%
  • Published 07.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value.

5.9

CVE-2015-7852

  • EPSS 3.54%
  • Published 07.08.2017 20:29:00
  • Last modified 20.04.2025 01:37:25

ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (crash) via crafted mode 6 response packets.