CVE-2015-7851

medium
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use '\' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files.

References

http://support.ntp.org/bin/view/Main/NtpBug2918

http://support.ntp.org/bin/view/Main/SecurityNotice

http://www.talosintel.com/reports/TALOS-2015-0062/

Details

Source: MITRE

Published: 2020-01-28

Updated: 2020-06-18

Type: CWE-22

Risk Information

CVSS v2

Base Score: 3.5

Vector: AV:N/AC:M/Au:S/C:N/I:P/A:N

Impact Score: 2.9

Exploitability Score: 6.8

Severity: LOW

CVSS v3

Base Score: 6.5

Vector: CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:H/A:N

Impact Score: 3.6

Exploitability Score: 2.8

Severity: MEDIUM

Tenable Plugins

View all (12 total)

IDNameProductFamilySeverity
106497pfSense < 2.2.5 Multiple Vulnerabilities (SA-15_08)NessusFirewalls
high
93186SUSE SLES10 Security Update : ntp (SUSE-SU-2016:1912-1)NessusSuSE Local Security Checks
critical
92485GLSA-201607-15 : NTP: Multiple vulnerabilitiesNessusGentoo Local Security Checks
critical
91403openSUSE Security Update : ntp (openSUSE-2016-649)NessusSuSE Local Security Checks
critical
91248SUSE SLES11 Security Update : ntp (SUSE-SU-2016:1311-1)NessusSuSE Local Security Checks
critical
90991SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2016:1247-1)NessusSuSE Local Security Checks
critical
87010SUSE SLED11 / SLES11 Security Update : ntp (SUSE-SU-2015:2058-1)NessusSuSE Local Security Checks
critical
86964openSUSE Security Update : ntp (openSUSE-2015-767)NessusSuSE Local Security Checks
critical
86664Slackware 13.0 / 13.1 / 13.37 / 14.0 / 14.1 / current : ntp (SSA:2015-302-03)NessusSlackware Local Security Checks
critical
86640Debian DLA-335-1 : ntp security updateNessusDebian Local Security Checks
critical
86631Network Time Protocol Daemon (ntpd) 3.x / 4.x < 4.2.8p4 Multiple VulnerabilitiesNessusMisc.
critical
86519FreeBSD : ntp -- 13 low- and medium-severity vulnerabilities (c4a18a12-77fc-11e5-a687-206a8a720317)NessusFreeBSD Local Security Checks
critical