Lucene search
F5F5:K17525HistoryNov 06, 2015 - 12:00 a.m.
K17525 : NTP vulnerability CVE-2015-7853
2015-11-0600:00:00
my.f5.com
24
Security Advisory Description
The datalen parameter in the refclock driver in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to execute arbitrary code or cause a denial of service (crash) via a negative input value. (CVE-2015-7853)
Impact
Running a custom refclock driver in ntpdcould overflow a data buffer under certain conditions. Running a custom installed refclock driver is not a supported configuration in F5 products.
| CPE | Name | Operator | Version |
|---|---|---|---|
| big-ip afm | eq | 11.3.0 | |
| big-ip afm | eq | 11.4.0 | |
| big-ip afm | eq | 11.4.1 | |
| big-ip afm | eq | 11.5.0 | |
| big-ip afm | eq | 11.5.1 | |
| big-ip afm | eq | 11.5.2 | |
| big-ip afm | eq | 11.5.3 | |
| big-ip afm | eq | 11.6.0 | |
| big-ip afm | eq | 11.6.1 | |
| big-ip afm | eq | 12.0.0 |
Related
talos
talos
Network Time Protocol Reference Clock Memory Corruption Vulnerability
2015-10-21 00:00:00
debiancve
debiancve
CVE-2015-7853
2017-08-07 20:29:00
nessus
nessus
Rockwell Automation Stratix Network Time Protocol Reference Clock Memory Corruption (CVE-2015-7853)
2023-11-15 00:00:00
F5 Networks BIG-IP : NTP vulnerability (K17525)
2016-05-25 00:00:00
EulerOS Virtualization 2.5.3 : ntp (EulerOS-SA-2019-1222)
2019-04-09 00:00:00
nvd
nvd
CVE-2015-7853
2017-08-07 20:29:00
ubuntucve
ubuntucve
CVE-2015-7853
2015-10-22 00:00:00
f5
f5
SOL17525 - NTP vulnerability CVE-2015-7853
2015-11-02 00:00:00
cve
cve
CVE-2015-7853
2017-08-07 20:29:00
cvelist
cvelist
CVE-2015-7853
2017-08-07 20:00:00
prion
prion
Input validation
2017-08-07 20:29:00
mageia
mageia
Updated ntp package fixes security vulnerabilities
2015-10-30 23:11:10
openvas
openvas
Mageia: Security Advisory (MGASA-2015-0418)
2015-11-08 00:00:00
Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1222)
2020-01-23 00:00:00
Huawei EulerOS: Security Advisory for ntp (EulerOS-SA-2019-1719)
2020-01-23 00:00:00
ibm
ibm
aix
aix
Vulnerabilities in NTP affect AIX,Vulnerabilities in NTP affect VIOS
2016-01-21 09:13:20
freebsd_advisory
freebsd_advisory
FreeBSD-SA-15:25.ntp
2015-10-26 00:00:00
ics
ics
Siemens SIMATIC NET CP 443-1 OPC UA
2021-06-08 12:00:00
Rockwell Automation Stratix 5900
2017-05-10 12:00:00
freebsd
freebsd
ntp -- 13 low- and medium-severity vulnerabilities
2015-10-21 00:00:00
arista
arista
Security Advisory 0016
2015-11-04 00:00:00
archlinux
archlinux
ntp: multiple issues
2015-10-22 00:00:00
slackware
slackware
[slackware-security] ntp
2015-10-29 22:49:05
securityvulns
securityvulns
ntp multiple security vulnerabilities
2015-11-01 00:00:00
[USN-2783-1] NTP vulnerabilities
2015-11-01 00:00:00
cisco
cisco
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015
2015-10-21 23:00:00
ubuntu
ubuntu
NTP vulnerabilities
2015-10-27 00:00:00
symantec
symantec
SA103 : October 2015 NTP Security Vulnerabilities
2015-11-24 08:00:00
suse
suse
Security update for ntp (important)
2016-05-06 13:07:50
Security update for ntp (important)
2016-05-17 15:09:17
Security update for yast2-ntp-client (important)
2016-08-17 21:08:25
gentoo
gentoo
NTP: Multiple vulnerabilities
2016-07-20 00:00:00