CVE-2015-7975

Published: Jan 30, 2017Modified: May 13, 2026

6.2

Vector

CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Exploitability: 2.5 / Impact: 3.6

Source: NVD

Description

The nextvar function in NTP before 4.2.8p6 and 4.3.x before 4.3.90 does not properly validate the length of its input, which allows an attacker to cause a denial of service (application crash).

Affected (90)

Products: Ntp: Ntp

Ntp

1 product

Ntp

Configuration A

90 vulnerable

Vulnerable Software	Affected Versions
Ntp Ntp	Up to 4.2.8
Ntp Ntp	Version 4.3.0
Ntp Ntp	Version 4.3.10
Ntp Ntp	Version 4.3.11
Ntp Ntp	Version 4.3.12
Ntp Ntp	Version 4.3.13
Ntp Ntp	Version 4.3.14
Ntp Ntp	Version 4.3.15
Ntp Ntp	Version 4.3.16
Ntp Ntp	Version 4.3.17
Ntp Ntp	Version 4.3.18
Ntp Ntp	Version 4.3.19
Ntp Ntp	Version 4.3.1
Ntp Ntp	Version 4.3.20
Ntp Ntp	Version 4.3.21
Ntp Ntp	Version 4.3.22
Ntp Ntp	Version 4.3.23
Ntp Ntp	Version 4.3.24
Ntp Ntp	Version 4.3.25
Ntp Ntp	Version 4.3.26
Ntp Ntp	Version 4.3.27
Ntp Ntp	Version 4.3.28
Ntp Ntp	Version 4.3.29
Ntp Ntp	Version 4.3.2
Ntp Ntp	Version 4.3.30
Ntp Ntp	Version 4.3.31
Ntp Ntp	Version 4.3.32
Ntp Ntp	Version 4.3.33
Ntp Ntp	Version 4.3.34
Ntp Ntp	Version 4.3.35
Ntp Ntp	Version 4.3.36
Ntp Ntp	Version 4.3.37
Ntp Ntp	Version 4.3.38
Ntp Ntp	Version 4.3.39
Ntp Ntp	Version 4.3.3
Ntp Ntp	Version 4.3.40
Ntp Ntp	Version 4.3.41
Ntp Ntp	Version 4.3.42
Ntp Ntp	Version 4.3.43
Ntp Ntp	Version 4.3.44
Ntp Ntp	Version 4.3.45
Ntp Ntp	Version 4.3.46
Ntp Ntp	Version 4.3.47
Ntp Ntp	Version 4.3.48
Ntp Ntp	Version 4.3.49
Ntp Ntp	Version 4.3.4
Ntp Ntp	Version 4.3.50
Ntp Ntp	Version 4.3.51
Ntp Ntp	Version 4.3.52
Ntp Ntp	Version 4.3.53
Ntp Ntp	Version 4.3.54
Ntp Ntp	Version 4.3.55
Ntp Ntp	Version 4.3.56
Ntp Ntp	Version 4.3.57
Ntp Ntp	Version 4.3.58
Ntp Ntp	Version 4.3.59
Ntp Ntp	Version 4.3.5
Ntp Ntp	Version 4.3.60
Ntp Ntp	Version 4.3.61
Ntp Ntp	Version 4.3.62
Ntp Ntp	Version 4.3.63
Ntp Ntp	Version 4.3.64
Ntp Ntp	Version 4.3.65
Ntp Ntp	Version 4.3.66
Ntp Ntp	Version 4.3.67
Ntp Ntp	Version 4.3.68
Ntp Ntp	Version 4.3.69
Ntp Ntp	Version 4.3.6
Ntp Ntp	Version 4.3.70
Ntp Ntp	Version 4.3.71
Ntp Ntp	Version 4.3.72
Ntp Ntp	Version 4.3.73
Ntp Ntp	Version 4.3.74
Ntp Ntp	Version 4.3.75
Ntp Ntp	Version 4.3.76
Ntp Ntp	Version 4.3.77
Ntp Ntp	Version 4.3.78
Ntp Ntp	Version 4.3.79
Ntp Ntp	Version 4.3.7
Ntp Ntp	Version 4.3.80
Ntp Ntp	Version 4.3.81
Ntp Ntp	Version 4.3.82
Ntp Ntp	Version 4.3.83
Ntp Ntp	Version 4.3.84
Ntp Ntp	Version 4.3.85
Ntp Ntp	Version 4.3.86
Ntp Ntp	Version 4.3.87
Ntp Ntp	Version 4.3.88
Ntp Ntp	Version 4.3.89
Ntp Ntp	Version 4.3.8

Related CWEs

CWE-119

Improper Restriction of Operations within the Bounds of a Memory Buffer

The product performs operations on a memory buffer, but it reads from or writes to a memory location outside the buffer's intended boundary. This may result in read or write operations on unexpected memory locations that could be linked to other variables, data structures, or internal program data.

References (40)

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html

Source: cve@mitre.org

Third Party Advisory

http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html

Source: cve@mitre.org

Third Party Advisory

http://support.ntp.org/bin/view/Main/NtpBug2937

Source: cve@mitre.org

Vendor Advisory

http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd

Source: cve@mitre.org

Third Party Advisory

http://www.securityfocus.com/bid/81959

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.securitytracker.com/id/1034782

Source: cve@mitre.org

Third Party AdvisoryVDB Entry

http://www.ubuntu.com/usn/USN-3096-1

Source: cve@mitre.org

Third Party Advisory

https://bto.bluecoat.com/security-advisory/sa113

Source: cve@mitre.org

Third Party Advisory

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03750en_us

Source: cve@mitre.org

https://h20566.www2.hpe.com/hpsc/doc/public/display?docLocale=en_US&docId=emr_na-hpesbhf03766en_us

Source: cve@mitre.org

https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc

Source: cve@mitre.org

https://security.gentoo.org/glsa/201607-15

Source: cve@mitre.org

Third Party Advisory

https://security.netapp.com/advisory/ntap-20171031-0001/

Source: cve@mitre.org

https://www.kb.cert.org/vuls/id/718152

Source: cve@mitre.org

Third Party AdvisoryUS Government Resource

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html