usn-3096-1
Vulnerability from osv_ubuntu
Published
2016-10-05 18:01
Modified
2026-02-10 04:41
Summary
ntp vulnerabilities
Details

Aanchal Malhotra discovered that NTP incorrectly handled authenticated broadcast mode. A remote attacker could use this issue to perform a replay attack. (CVE-2015-7973)

Matt Street discovered that NTP incorrectly verified peer associations of symmetric keys. A remote attacker could use this issue to perform an impersonation attack. (CVE-2015-7974)

Jonathan Gardner discovered that the NTP ntpq utility incorrectly handled memory. An attacker could possibly use this issue to cause ntpq to crash, resulting in a denial of service. This issue only affected Ubuntu 16.04 LTS. (CVE-2015-7975)

Jonathan Gardner discovered that the NTP ntpq utility incorrectly handled dangerous characters in filenames. An attacker could possibly use this issue to overwrite arbitrary files. (CVE-2015-7976)

Stephen Gray discovered that NTP incorrectly handled large restrict lists. An attacker could use this issue to cause NTP to crash, resulting in a denial of service. (CVE-2015-7977, CVE-2015-7978)

Aanchal Malhotra discovered that NTP incorrectly handled authenticated broadcast mode. A remote attacker could use this issue to cause NTP to crash, resulting in a denial of service. (CVE-2015-7979)

Jonathan Gardner discovered that NTP incorrectly handled origin timestamp checks. A remote attacker could use this issue to spoof peer servers. (CVE-2015-8138)

Jonathan Gardner discovered that the NTP ntpq utility did not properly handle certain incorrect values. An attacker could possibly use this issue to cause ntpq to hang, resulting in a denial of service. (CVE-2015-8158)

It was discovered that the NTP cronjob incorrectly cleaned up the statistics directory. A local attacker could possibly use this to escalate privileges. (CVE-2016-0727)

Stephen Gray and Matthew Van Gundy discovered that NTP incorrectly validated crypto-NAKs. A remote attacker could possibly use this issue to prevent clients from synchronizing. (CVE-2016-1547)

Miroslav Lichvar and Jonathan Gardner discovered that NTP incorrectly handled switching to interleaved symmetric mode. A remote attacker could possibly use this issue to prevent clients from synchronizing. (CVE-2016-1548)

Matthew Van Gundy, Stephen Gray and Loganaden Velvindron discovered that NTP incorrectly handled message authentication. A remote attacker could possibly use this issue to recover the message digest key. (CVE-2016-1550)

Yihan Lian discovered that NTP incorrectly handled duplicate IPs on unconfig directives. An authenticated remote attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. (CVE-2016-2516)

Yihan Lian discovered that NTP incorrectly handled certail peer associations. A remote attacker could possibly use this issue to cause NTP to crash, resulting in a denial of service. (CVE-2016-2518)

Jakub Prokes discovered that NTP incorrectly handled certain spoofed packets. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-4954)

Miroslav Lichvar discovered that NTP incorrectly handled certain packets when autokey is enabled. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-4955)

Miroslav Lichvar discovered that NTP incorrectly handled certain spoofed broadcast packets. A remote attacker could possibly use this issue to cause a denial of service. (CVE-2016-4956)

In the default installation, attackers would be isolated by the NTP AppArmor profile.


{
  "affected": [
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2015-7973",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2015-7974",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2015-7976",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2015-7977",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2015-7978",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2015-7979",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2015-8138",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2015-8158",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-0727",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1547",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1548",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1550",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-2516",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-2518",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-4954",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-4955",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-4956",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:14.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "ntp",
            "binary_version": "1:4.2.6.p5+dfsg-3ubuntu2.14.04.10"
          },
          {
            "binary_name": "ntpdate",
            "binary_version": "1:4.2.6.p5+dfsg-3ubuntu2.14.04.10"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:14.04:LTS",
        "name": "ntp",
        "purl": "pkg:deb/ubuntu/ntp@1:4.2.6.p5+dfsg-3ubuntu2.14.04.10?arch=source\u0026distro=trusty"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:4.2.6.p5+dfsg-3ubuntu2.14.04.10"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1:4.2.6.p5+dfsg-3ubuntu2",
        "1:4.2.6.p5+dfsg-3ubuntu2.14.04.1",
        "1:4.2.6.p5+dfsg-3ubuntu2.14.04.2",
        "1:4.2.6.p5+dfsg-3ubuntu2.14.04.3",
        "1:4.2.6.p5+dfsg-3ubuntu2.14.04.5",
        "1:4.2.6.p5+dfsg-3ubuntu2.14.04.6",
        "1:4.2.6.p5+dfsg-3ubuntu2.14.04.7",
        "1:4.2.6.p5+dfsg-3ubuntu2.14.04.8"
      ]
    },
    {
      "database_specific": {
        "cves_map": {
          "cves": [
            {
              "id": "CVE-2015-7973",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:L/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2015-7974",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:C/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:C/C:N/I:H/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2015-7975",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "negligible",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2015-7976",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2015-7977",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2015-7978",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2015-7979",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2015-8138",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:L/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2015-8158",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-0727",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:L/AC:L/PR:L/UI:N/S:U/C:H/I:H/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1547",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1548",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:L/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-1550",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:N/A:N",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-2516",
              "severity": [
                {
                  "score": "CVSS:3.0/AV:N/AC:H/PR:L/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "medium",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-2518",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-4954",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-4955",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            },
            {
              "id": "CVE-2016-4956",
              "severity": [
                {
                  "score": "CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:N/I:N/A:L",
                  "type": "CVSS_V3"
                },
                {
                  "score": "low",
                  "type": "Ubuntu"
                }
              ]
            }
          ],
          "ecosystem": "Ubuntu:16.04:LTS"
        }
      },
      "ecosystem_specific": {
        "availability": "No subscription required",
        "binaries": [
          {
            "binary_name": "ntp",
            "binary_version": "1:4.2.8p4+dfsg-3ubuntu5.3"
          },
          {
            "binary_name": "ntpdate",
            "binary_version": "1:4.2.8p4+dfsg-3ubuntu5.3"
          }
        ]
      },
      "package": {
        "ecosystem": "Ubuntu:16.04:LTS",
        "name": "ntp",
        "purl": "pkg:deb/ubuntu/ntp@1:4.2.8p4+dfsg-3ubuntu5.3?arch=source\u0026distro=xenial"
      },
      "ranges": [
        {
          "events": [
            {
              "introduced": "0"
            },
            {
              "fixed": "1:4.2.8p4+dfsg-3ubuntu5.3"
            }
          ],
          "type": "ECOSYSTEM"
        }
      ],
      "versions": [
        "1:4.2.6.p5+dfsg-3ubuntu8",
        "1:4.2.6.p5+dfsg-3ubuntu8.1",
        "1:4.2.6.p5+dfsg-3ubuntu9",
        "1:4.2.8p4+dfsg-3ubuntu1",
        "1:4.2.8p4+dfsg-3ubuntu2",
        "1:4.2.8p4+dfsg-3ubuntu3",
        "1:4.2.8p4+dfsg-3ubuntu4",
        "1:4.2.8p4+dfsg-3ubuntu5",
        "1:4.2.8p4+dfsg-3ubuntu5.1",
        "1:4.2.8p4+dfsg-3ubuntu5.2"
      ]
    }
  ],
  "aliases": [],
  "details": "Aanchal Malhotra discovered that NTP incorrectly handled authenticated\nbroadcast mode. A remote attacker could use this issue to perform a replay\nattack. (CVE-2015-7973)\n\nMatt Street discovered that NTP incorrectly verified peer associations of\nsymmetric keys. A remote attacker could use this issue to perform an\nimpersonation attack. (CVE-2015-7974)\n\nJonathan Gardner discovered that the NTP ntpq utility incorrectly handled\nmemory. An attacker could possibly use this issue to cause ntpq to crash,\nresulting in a denial of service. This issue only affected Ubuntu 16.04\nLTS. (CVE-2015-7975)\n\nJonathan Gardner discovered that the NTP ntpq utility incorrectly handled\ndangerous characters in filenames. An attacker could possibly use this\nissue to overwrite arbitrary files. (CVE-2015-7976)\n\nStephen Gray discovered that NTP incorrectly handled large restrict lists.\nAn attacker could use this issue to cause NTP to crash, resulting in a\ndenial of service. (CVE-2015-7977, CVE-2015-7978)\n\nAanchal Malhotra discovered that NTP incorrectly handled authenticated\nbroadcast mode. A remote attacker could use this issue to cause NTP to\ncrash, resulting in a denial of service. (CVE-2015-7979)\n\nJonathan Gardner discovered that NTP incorrectly handled origin timestamp\nchecks. A remote attacker could use this issue to spoof peer servers.\n(CVE-2015-8138)\n\nJonathan Gardner discovered that the NTP ntpq utility did not properly\nhandle certain incorrect values. An attacker could possibly use this issue\nto cause ntpq to hang, resulting in a denial of service. (CVE-2015-8158)\n\nIt was discovered that the NTP cronjob incorrectly cleaned up the\nstatistics directory. A local attacker could possibly use this to escalate\nprivileges. (CVE-2016-0727)\n\nStephen Gray and Matthew Van Gundy discovered that NTP incorrectly\nvalidated crypto-NAKs. A remote attacker could possibly use this issue to\nprevent clients from synchronizing. (CVE-2016-1547)\n\nMiroslav Lichvar and Jonathan Gardner discovered that NTP incorrectly\nhandled switching to interleaved symmetric mode. A remote attacker could\npossibly use this issue to prevent clients from synchronizing.\n(CVE-2016-1548)\n\nMatthew Van Gundy, Stephen Gray and Loganaden Velvindron discovered that\nNTP incorrectly handled message authentication. A remote attacker could\npossibly use this issue to recover the message digest key. (CVE-2016-1550)\n\nYihan Lian discovered that NTP incorrectly handled duplicate IPs on\nunconfig directives. An authenticated remote attacker could possibly use\nthis issue to cause NTP to crash, resulting in a denial of service.\n(CVE-2016-2516)\n\nYihan Lian discovered that NTP incorrectly handled certail peer\nassociations. A remote attacker could possibly use this issue to cause NTP\nto crash, resulting in a denial of service. (CVE-2016-2518)\n\nJakub Prokes discovered that NTP incorrectly handled certain spoofed\npackets. A remote attacker could possibly use this issue to cause a denial\nof service. (CVE-2016-4954)\n\nMiroslav Lichvar discovered that NTP incorrectly handled certain packets\nwhen autokey is enabled. A remote attacker could possibly use this issue to\ncause a denial of service. (CVE-2016-4955)\n\nMiroslav Lichvar discovered that NTP incorrectly handled certain spoofed\nbroadcast packets. A remote attacker could possibly use this issue to\ncause a denial of service. (CVE-2016-4956)\n\nIn the default installation, attackers would be isolated by the NTP\nAppArmor profile.\n",
  "id": "USN-3096-1",
  "modified": "2026-02-10T04:41:02Z",
  "published": "2016-10-05T18:01:12Z",
  "references": [
    {
      "type": "ADVISORY",
      "url": "https://ubuntu.com/security/notices/USN-3096-1"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2015-7973"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2015-7974"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2015-7975"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2015-7976"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2015-7977"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2015-7978"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2015-7979"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2015-8138"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2015-8158"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-0727"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-1547"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-1548"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-1550"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-2516"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-2518"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-4954"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-4955"
    },
    {
      "type": "REPORT",
      "url": "https://ubuntu.com/security/CVE-2016-4956"
    }
  ],
  "related": [],
  "schema_version": "1.7.0",
  "summary": "ntp vulnerabilities",
  "upstream": [
    "UBUNTU-CVE-2015-7973",
    "UBUNTU-CVE-2015-7974",
    "UBUNTU-CVE-2015-7975",
    "UBUNTU-CVE-2015-7976",
    "UBUNTU-CVE-2015-7977",
    "UBUNTU-CVE-2015-7978",
    "UBUNTU-CVE-2015-7979",
    "UBUNTU-CVE-2015-8138",
    "UBUNTU-CVE-2015-8158",
    "UBUNTU-CVE-2016-0727",
    "UBUNTU-CVE-2016-1547",
    "UBUNTU-CVE-2016-1548",
    "UBUNTU-CVE-2016-1550",
    "UBUNTU-CVE-2016-2516",
    "UBUNTU-CVE-2016-2518",
    "UBUNTU-CVE-2016-4954",
    "UBUNTU-CVE-2016-4955",
    "UBUNTU-CVE-2016-4956"
  ]
}



Log in or create an account to share your comment.




Tags
Taxonomy of the tags.


Loading…

Loading…

Loading…

Forecast uses a logistic model when the trend is rising, or an exponential decay model when the trend is falling. Fitted via linearized least squares.

Sightings

Author Source Type Date Other

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or observed by the user.
  • Confirmed: The vulnerability has been validated from an analyst's perspective.
  • Published Proof of Concept: A public proof of concept is available for this vulnerability.
  • Exploited: The vulnerability was observed as exploited by the user who reported the sighting.
  • Patched: The vulnerability was observed as successfully patched by the user who reported the sighting.
  • Not exploited: The vulnerability was not observed as exploited by the user who reported the sighting.
  • Not confirmed: The user expressed doubt about the validity of the vulnerability.
  • Not patched: The vulnerability was not observed as successfully patched by the user who reported the sighting.

Loading…

Detection rules are retrieved from Rulezet.

Loading…

Loading…