CVE-2015-7704 — HIGH (7.5) — White Hats Nepal

Q: What is CVE-2015-7704?

CVE-2015-7704 is a vulnerability with a CVSS score of 7.5 (HIGH). The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.

Q: How severe is CVE-2015-7704?

CVE-2015-7704 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-7704?

Check the references section above for vendor advisories and patch information. Affected products include: Ntp Ntp, Debian Debian Linux, Netapp Oncommand Performance Manager, Netapp Oncommand Unified Manager, Netapp Clustered Data Ontap.

Vulnerability Description

The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.

CVSS Score

7.5

HIGH

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Ntp	Ntp	>= 4.2.0, < 4.2.8
Debian	Debian Linux	7.0
Netapp	Oncommand Performance Manager	-
Netapp	Oncommand Unified Manager	-
Netapp	Clustered Data Ontap	-
Netapp	Data Ontap	-
Redhat	Enterprise Linux Desktop	6.0
Redhat	Enterprise Linux Server	6.0
Redhat	Enterprise Linux Server Aus	6.5
Redhat	Enterprise Linux Server Eus	6.5
Redhat	Enterprise Linux Server Tus	6.5
Redhat	Enterprise Linux Workstation	6.0
Mcafee	Enterprise Security Manager	< 10.4.0
Citrix	Xenserver	6.0.2

Related Weaknesses (CWE)

CWE-20

References

http://bugs.ntp.org/show_bug.cgi?id=2901Issue TrackingVendor Advisory
http://rhn.redhat.com/errata/RHSA-2015-1930.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-2520.htmlThird Party Advisory
http://support.ntp.org/bin/view/Main/NtpBug2901Vendor Advisory
http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_4_2_8p4_SecRelease NotesVendor Advisory
http://www.debian.org/security/2015/dsa-3388Third Party Advisory
http://www.oracle.com/technetwork/topics/security/bulletinapr2016-2952098.htmlThird Party Advisory
http://www.securityfocus.com/bid/77280Third Party AdvisoryVDB Entry
http://www.securitytracker.com/id/1033951Third Party AdvisoryVDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1271070Issue TrackingThird Party AdvisoryVDB Entry
https://eprint.iacr.org/2015/1020.pdfTechnical DescriptionThird Party Advisory
https://h20566.www2.hpe.com/portal/site/hpsc/public/kb/docDisplay?docId=emr_na-cThird Party AdvisoryVDB Entry
https://kc.mcafee.com/corporate/index?page=content&id=SB10284Third Party Advisory
https://security.gentoo.org/glsa/201607-15Third Party AdvisoryVDB Entry
https://security.netapp.com/advisory/ntap-20171004-0001/Third Party Advisory

FAQ

What is CVE-2015-7704?

CVE-2015-7704 is a vulnerability with a CVSS score of 7.5 (HIGH). The ntpd client in NTP 4.x before 4.2.8p4 and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service via a number of crafted "KOD" messages.

How severe is CVE-2015-7704?

CVE-2015-7704 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-7704?

Check the references section above for vendor advisories and patch information. Affected products include: Ntp Ntp, Debian Debian Linux, Netapp Oncommand Performance Manager, Netapp Oncommand Unified Manager, Netapp Clustered Data Ontap.