The "pidfile" or "driftfile" directives in NTP ntpd 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77, when ntpd is configured to allow remote configuration, allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password to write to arbitrary files via the :config command.
References
Link | Resource |
---|---|
http://rhn.redhat.com/errata/RHSA-2016-0780.html | Third Party Advisory |
http://rhn.redhat.com/errata/RHSA-2016-2583.html | Third Party Advisory |
http://support.ntp.org/bin/view/Main/NtpBug2902 | Vendor Advisory |
http://www.debian.org/security/2015/dsa-3388 | Third Party Advisory |
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html | Third Party Advisory |
http://www.securityfocus.com/bid/77278 | Third Party Advisory VDB Entry |
http://www.securitytracker.com/id/1033951 | Third Party Advisory VDB Entry |
https://bugzilla.redhat.com/show_bug.cgi?id=1254547 | Issue Tracking Third Party Advisory VDB Entry |
https://security.gentoo.org/glsa/201607-15 | Third Party Advisory |
https://security.netapp.com/advisory/ntap-20171004-0001/ | Third Party Advisory |
Configurations
Configuration 1 (hide)
|
Configuration 2 (hide)
|
Configuration 3 (hide)
|
Configuration 4 (hide)
|
Configuration 5 (hide)
|
History
No history.
Information
Published : 2017-07-24 14:29
Updated : 2024-02-04 19:29
NVD link : CVE-2015-7703
Mitre link : CVE-2015-7703
CVE.ORG link : CVE-2015-7703
JSON object : View
Products Affected
netapp
- oncommand_performance_manager
- data_ontap
- clustered_data_ontap
- oncommand_unified_manager
debian
- debian_linux
redhat
- enterprise_linux_server_tus
- enterprise_linux_server_aus
- enterprise_linux_workstation
- enterprise_linux_server_eus
- enterprise_linux_server
- enterprise_linux_desktop
oracle
- linux
ntp
- ntp
CWE
CWE-20
Improper Input Validation