CVE-2015-7976 | Vulnerability Database | Aqua Security

The ntpq saveconfig command in NTP 4.1.2, 4.2.x before 4.2.8p6, 4.3, 4.3.25, 4.3.70, and 4.3.77 does not properly filter special characters, which allows attackers to cause unspecified impact via a crafted filename.

Affected Software

Name	Vendor	Start Version	End Version
Ntp	Ntp	4.1.2 (including)	4.1.2 (including)

References

http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html
http://support.ntp.org/bin/view/Main/NtpBug2938
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd
http://www.securitytracker.com/id/1034782
http://www.ubuntu.com/usn/USN-3096-1
https://bto.bluecoat.com/security-advisory/sa113
https://security.FreeBSD.org/advisories/FreeBSD-SA-16:09.ntp.asc
https://security.gentoo.org/glsa/201607-15
https://security.netapp.com/advisory/ntap-20171031-0001/
https://www.kb.cert.org/vuls/id/718152

NVD	https://nvd.nist.gov/vuln/detail/CVE-2015-7976
CWE	https://cwe.mitre.org/data/definitions/254.html