CVE-2015-7976 Information

Description

The ntpq saveconfig command in NTP 4.1.2 4.2.x before 4.2.8p6 4.3 4.3.25 4.3.70 and 4.3.77 does not properly filter special characters which allows attackers to cause unspecified impact via a crafted filename.

CVSS Vector

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Reference

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html http://support.ntp.org/bin/view/Main/NtpBug2938 http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd http://www.securitytracker.com/id/1034782 http://www.ubuntu.com/usn/USN-3096-1 https://bto.bluecoat.com/security-advisory/sa113 https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc https://security.gentoo.org/glsa/201607-15 https://security.netapp.com/advisory/ntap-20171031-0001/ https://www.kb.cert.org/vuls/id/718152

Attack Complexity

LOW

Privileges Required

LOW

User Interaction Required

LOW

Scope

NONE

Confidentiality Impact

UNCHANGED

Integrity Impact

NONE

Availability Impact

LOW

Base Score

NONE

Base Severity

4.3