CVE-2015-7850

Published: Aug 7, 2017Modified: May 13, 2026

6.5

Vector

CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.8 / Impact: 3.6

Source: NVD

Description

ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote authenticated users to cause a denial of service (infinite loop or crash) by pointing the key file at the log file.

Affected (27)

Products: Ntp: Ntp · Debian: Debian Linux · Netapp: Clustered Data Ontap, Data Ontap, Oncommand Balance, Oncommand Performance Manager, Oncommand Unified Manager

1 product

1 product

5 products

Oncommand Performance Manager

Oncommand Unified Manager

Configuration A

19 vulnerable

Vulnerable Software	Affected Versions
Ntp Ntp	From 4.2.0 to 4.2.8
Ntp Ntp	From 4.3.0 to 4.3.77
Ntp Ntp	Version 4.2.8
Ntp Ntp	Version 4.2.8 p1-beta1
Ntp Ntp	Version 4.2.8 p1-beta2
Ntp Ntp	Version 4.2.8 p1-beta3
Ntp Ntp	Version 4.2.8 p1-beta4
Ntp Ntp	Version 4.2.8 p1-beta5
Ntp Ntp	Version 4.2.8 p1-rc1
Ntp Ntp	Version 4.2.8 p1-rc2
Ntp Ntp	Version 4.2.8 p1
Ntp Ntp	Version 4.2.8 p2-rc1
Ntp Ntp	Version 4.2.8 p2-rc2
Ntp Ntp	Version 4.2.8 p2-rc3
Ntp Ntp	Version 4.2.8 p2
Ntp Ntp	Version 4.2.8 p3-rc1
Ntp Ntp	Version 4.2.8 p3-rc2
Ntp Ntp	Version 4.2.8 p3-rc3
Ntp Ntp	Version 4.2.8 p3

Configuration B

3 vulnerable

Vulnerable Software	Affected Versions
Debian Debian Linux	Version 7.0
Debian Debian Linux	Version 8.0
Debian Debian Linux	Version 9.0

Configuration C

5 vulnerable

Vulnerable Software	Affected Versions
Netapp Clustered Data Ontap	All versions
Netapp Data Ontap	All versions
Netapp Oncommand Balance	All versions
Netapp Oncommand Performance Manager	All versions
Netapp Oncommand Unified Manager	All versions