CVE-2015-7703

HIGH

NTP ntpd <4.2.8p4-4.3.77 - Code Injection

Title source: llm
STIX 2.1

Description

The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command.

References (10)

Core 10
Core References
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2016-0780.html
Third Party Advisory vendor-advisory x_refsource_gentoo
https://security.gentoo.org/glsa/201607-15
Third Party Advisory x_refsource_confirm
https://security.netapp.com/advisory/ntap-20171004-0001/
Third Party Advisory vendor-advisory x_refsource_redhat
http://rhn.redhat.com/errata/RHSA-2016-2583.html
Third Party Advisory, VDB Entry vdb-entry x_refsource_sectrack
http://www.securitytracker.com/id/1033951
Third Party Advisory, VDB Entry vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/77278
Vendor Advisory x_refsource_confirm
http://support.ntp.org/bin/view/Main/NtpBug2902
Third Party Advisory vendor-advisory x_refsource_debian
http://www.debian.org/security/2015/dsa-3388
Issue Tracking, Third Party Advisory, VDB Entry x_refsource_confirm
https://bugzilla.redhat.com/show_bug.cgi?id=1254547

Scores

CVSS v3 7.5
EPSS 0.0382
EPSS Percentile 88.8%
Attack Vector NETWORK
CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:H/A:N

Details

CWE
CWE-20
Status published
Products (28)
debian/debian_linux 7.0
debian/debian_linux 8.0
debian/debian_linux 9.0
netapp/clustered_data_ontap
netapp/data_ontap
netapp/oncommand_performance_manager
netapp/oncommand_unified_manager
ntp/ntp 4.2.8 (17 CPE variants)
ntp/ntp 4.2.0 - 4.2.8
oracle/linux 6
... and 18 more
Published Jul 24, 2017
Tracked Since Feb 18, 2026