CVE-2015-7976 — MEDIUM (4.3)

Vulnerability Description

The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.

CVSS Score

4.3

MEDIUM

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

LOW

Availability

NONE

Affected Products

Vendor	Product	Versions
Ntp	Ntp	4.1.2
Suse	Linux Enterprise Debuginfo	11
Suse	Manager	2.1
Suse	Manager Proxy	2.1
Novell	Suse Openstack Cloud	5
Opensuse	Leap	42.1
Opensuse	Opensuse	13.2
Suse	Linux Enterprise Desktop	12
Suse	Linux Enterprise Server	10
Suse	Suse Linux Enterprise Server	12

Related Weaknesses (CWE)

CWE-254

References

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.htmlThird Party Advisory
http://support.ntp.org/bin/view/Main/NtpBug2938Vendor Advisory
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20Third Party Advisory
http://www.securitytracker.com/id/1034782Third Party AdvisoryVDB Entry
http://www.ubuntu.com/usn/USN-3096-1Third Party Advisory
https://bto.bluecoat.com/security-advisory/sa113Third Party Advisory
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
https://security.gentoo.org/glsa/201607-15Third Party Advisory

FAQ

What is CVE-2015-7976?

CVE-2015-7976 is a vulnerability with a CVSS score of 4.3 (MEDIUM). The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a cr...

How severe is CVE-2015-7976?

CVE-2015-7976 has been rated MEDIUM with a CVSS base score of 4.3/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-7976?

Check the references section above for vendor advisories and patch information. Affected products include: Ntp Ntp, Suse Linux Enterprise Debuginfo, Suse Manager, Suse Manager Proxy, Novell Suse Openstack Cloud.