CVE-2015-7976medium
Description
The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.
References
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
http://support.ntp.org/bin/view/Main/NtpBug2938
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd
http://www.securitytracker.com/id/1034782
http://www.ubuntu.com/usn/USN-3096-1
https://bto.bluecoat.com/security-advisory/sa113
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
https://security.gentoo.org/glsa/201607-15
Details
Source: MITRE
Published: 2017-01-30
Updated: 2018-10-30
Type: CWE-254
Risk Information
CVSS v2
Base Score: 4
Vector: AV:N/AC:L/Au:S/C:N/I:P/A:N
Impact Score: 2.9
Exploitability Score: 8
Severity: MEDIUM
CVSS v3
Base Score: 4.3
Vector: CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Impact Score: 1.4
Exploitability Score: 2.8
Severity: MEDIUM