frendeites
CVE Liste des failles et vulnérabilités
Découvrez les nouveaux vecteurs d'attaques et vulnérabilités informatiques
Retour

CVE-2015-7978 - CVE Vulnerability

Publié par . Publié dans DOS Denial of service

NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers to cause a denial of service (stack exhaustion) via an ntpdc relist command, which triggers recursive traversal of the restriction list. (CVSS:0.0) (Last Update:2017-01-30)

Vulnerability Details :

NTP before 4.2.8p6 and 4.3.0 before 4.3.90 allows a remote attackers to cause a denial of service (stack exhaustion) via an ntpdc relist command, which triggers recursive traversal of the restriction list.
Publish Date : 2017-01-30 Last Update Date : 2017-01-30

- CVSS Scores & Vulnerability Types

CVSS Score
0.0
Confidentiality Impact ???
Integrity Impact ???
Availability Impact ???
Access Complexity ???
Authentication ???
Gained Access None
Vulnerability Type(s) Denial Of Service
CWE ID CWE id is not defined for this vulnerability

- Related OVAL Definitions

Title Definition Id Class Family
RHSA-2016:0780: ntp security and bug fix update (Moderate) oval:com.redhat.rhsa:def:20160780 unix
RHSA-2016:2583: ntp security and bug fix update (Moderate) oval:com.redhat.rhsa:def:20162583 unix
OVAL (Open Vulnerability and Assessment Language) definitions define exactly what should be done to verify a vulnerability or a missing patch. Check out the OVAL definitions if you want to learn what you should do to verify a vulnerability.

- Products Affected By CVE-2015-7978

# Product Type Vendor Product Version Update Edition Language
No vulnerable product found. If the vulnerability is created recently it may take a few days to gather vulnerable products list and other information like cvss scores. Please check again in a few days.

- References For CVE-2015-7978

http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.html
FEDORA FEDORA-2016-34bc10a2c8
http://lists.fedoraproject.org/pipermail/package-announce/2016-January/176434.html
FEDORA FEDORA-2016-8bb1932088
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html
SUSE SUSE-SU-2016:1175
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html
SUSE SUSE-SU-2016:1177
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html
SUSE SUSE-SU-2016:1247
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html
SUSE openSUSE-SU-2016:1292
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html
SUSE SUSE-SU-2016:1311
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
SUSE SUSE-SU-2016:1912
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
SUSE SUSE-SU-2016:2094
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
SUSE openSUSE-SU-2016:1423
http://rhn.redhat.com/errata/RHSA-2016-0780.html
REDHAT RHSA-2016:0780
http://rhn.redhat.com/errata/RHSA-2016-2583.html
REDHAT RHSA-2016:2583
http://support.ntp.org/bin/view/Main/SecurityNotice#April_2016_NTP_4_2_8p7_Security CONFIRM
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd
CISCO 20160120 Multiple Vulnerabilities in Network Time Protocol Daemon Affecting Cisco Products - January 2016
http://www.debian.org/security/2016/dsa-3629
DEBIAN DSA-3629
http://www.securityfocus.com/bid/81962
BID 81962 NTP CVE-2015-7978 Denial of Service Vulnerability Release Date:2016-10-10
http://www.securitytracker.com/id/1034782
SECTRACK 1034782
http://www.ubuntu.com/usn/USN-3096-1
UBUNTU USN-3096-1
https://bto.bluecoat.com/security-advisory/sa113 CONFIRM
https://security.gentoo.org/glsa/201607-15
GENTOO GLSA-201607-15
https://www.kb.cert.org/vuls/id/718152
CERT-VN VU#718152

- Metasploit Modules Related To CVE-2015-7978

There are not any metasploit modules related to this CVE entry (Please visit www.metasploit.com for more information)

Pour nous Contacter

 Des questions à nous soumettre ?
 Demande d'intervention ou devis
 Soumission d'un appel d'offre
 Inscription à une formation

Newsletter Cybersécurité

Soyez informé des évènements & nouveautés en cybersécurité et en sécurité informatique (SSI).

Ressources Sécurité

 Dernières vulnérabilités informatiques
 Blog sécurité informatique
 Glossaire sécurité informatique
 FAQ Questions Fréquentes

Notre expertise cybersécurité validée par de multiples certifications internationales

certifications sécurité informatique AKAOMA
Newsletter: abonnez-vous !

Recevez régulièrement les news en sécurité.
Garantissez votre veille permanente
Restez informé, rejoignez notre communauté !