CVE-2015-7854
- EPSS 4.19%
- Veröffentlicht 07.08.2017 20:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
Buffer overflow in the password management functionality in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (daemon crash) or possibly execute arbitrary code via a crafted key file.
CVE-2015-7855
- EPSS 60.88%
- Veröffentlicht 07.08.2017 20:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.
CVE-2015-7871
- EPSS 76.65%
- Veröffentlicht 07.08.2017 20:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.
CVE-2015-7703
- EPSS 4.95%
- Veröffentlicht 24.07.2017 14:29:00
- Zuletzt bearbeitet 20.04.2025 01:37:25
The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and w...
CVE-2016-1563
- EPSS 0.13%
- Veröffentlicht 07.04.2016 10:59:02
- Zuletzt bearbeitet 12.04.2025 10:46:40
NetApp Clustered Data ONTAP 8.3.1 does not properly verify X.509 certificates from TLS servers, which allows man-in-the-middle attackers to spoof servers and obtain sensitive information via a crafted certificate.