CVE Vulnerabilities

CVE-2015-8158

Published: Jan 30, 2017 | Modified: Jan 05, 2018
CVSS 3.x
5.9
MEDIUM
Source:
NVD
CVSS:3.0/AV:N/AC:H/PR:N/UI:N/S:U/C:N/I:N/A:H
CVSS 2.x
4.3 MEDIUM
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V2
4.3 LOW
AV:N/AC:M/Au:N/C:N/I:N/A:P
RedHat/V3
Ubuntu
LOW

The getresponse function in ntpq in NTP versions before 4.2.8p9 and 4.3.x before 4.3.90 allows remote attackers to cause a denial of service (infinite loop) via crafted packets with incorrect values.

Affected Software

Name Vendor Start Version End Version
Ntp Ntp * 4.2.8 (including)
Ntp Ntp 4.3.0 (including) 4.3.0 (including)
Ntp Ntp 4.3.1 (including) 4.3.1 (including)
Ntp Ntp 4.3.2 (including) 4.3.2 (including)
Ntp Ntp 4.3.3 (including) 4.3.3 (including)
Ntp Ntp 4.3.4 (including) 4.3.4 (including)
Ntp Ntp 4.3.5 (including) 4.3.5 (including)
Ntp Ntp 4.3.6 (including) 4.3.6 (including)
Ntp Ntp 4.3.7 (including) 4.3.7 (including)
Ntp Ntp 4.3.8 (including) 4.3.8 (including)
Ntp Ntp 4.3.10 (including) 4.3.10 (including)
Ntp Ntp 4.3.11 (including) 4.3.11 (including)
Ntp Ntp 4.3.12 (including) 4.3.12 (including)
Ntp Ntp 4.3.13 (including) 4.3.13 (including)
Ntp Ntp 4.3.14 (including) 4.3.14 (including)
Ntp Ntp 4.3.15 (including) 4.3.15 (including)
Ntp Ntp 4.3.16 (including) 4.3.16 (including)
Ntp Ntp 4.3.17 (including) 4.3.17 (including)
Ntp Ntp 4.3.18 (including) 4.3.18 (including)
Ntp Ntp 4.3.19 (including) 4.3.19 (including)
Ntp Ntp 4.3.20 (including) 4.3.20 (including)
Ntp Ntp 4.3.21 (including) 4.3.21 (including)
Ntp Ntp 4.3.22 (including) 4.3.22 (including)
Ntp Ntp 4.3.23 (including) 4.3.23 (including)
Ntp Ntp 4.3.24 (including) 4.3.24 (including)
Ntp Ntp 4.3.25 (including) 4.3.25 (including)
Ntp Ntp 4.3.26 (including) 4.3.26 (including)
Ntp Ntp 4.3.27 (including) 4.3.27 (including)
Ntp Ntp 4.3.28 (including) 4.3.28 (including)
Ntp Ntp 4.3.29 (including) 4.3.29 (including)
Ntp Ntp 4.3.30 (including) 4.3.30 (including)
Ntp Ntp 4.3.31 (including) 4.3.31 (including)
Ntp Ntp 4.3.32 (including) 4.3.32 (including)
Ntp Ntp 4.3.33 (including) 4.3.33 (including)
Ntp Ntp 4.3.34 (including) 4.3.34 (including)
Ntp Ntp 4.3.35 (including) 4.3.35 (including)
Ntp Ntp 4.3.36 (including) 4.3.36 (including)
Ntp Ntp 4.3.37 (including) 4.3.37 (including)
Ntp Ntp 4.3.38 (including) 4.3.38 (including)
Ntp Ntp 4.3.39 (including) 4.3.39 (including)
Ntp Ntp 4.3.40 (including) 4.3.40 (including)
Ntp Ntp 4.3.41 (including) 4.3.41 (including)
Ntp Ntp 4.3.42 (including) 4.3.42 (including)
Ntp Ntp 4.3.43 (including) 4.3.43 (including)
Ntp Ntp 4.3.44 (including) 4.3.44 (including)
Ntp Ntp 4.3.45 (including) 4.3.45 (including)
Ntp Ntp 4.3.46 (including) 4.3.46 (including)
Ntp Ntp 4.3.47 (including) 4.3.47 (including)
Ntp Ntp 4.3.48 (including) 4.3.48 (including)
Ntp Ntp 4.3.49 (including) 4.3.49 (including)
Ntp Ntp 4.3.50 (including) 4.3.50 (including)
Ntp Ntp 4.3.51 (including) 4.3.51 (including)
Ntp Ntp 4.3.52 (including) 4.3.52 (including)
Ntp Ntp 4.3.53 (including) 4.3.53 (including)
Ntp Ntp 4.3.54 (including) 4.3.54 (including)
Ntp Ntp 4.3.55 (including) 4.3.55 (including)
Ntp Ntp 4.3.56 (including) 4.3.56 (including)
Ntp Ntp 4.3.57 (including) 4.3.57 (including)
Ntp Ntp 4.3.58 (including) 4.3.58 (including)
Ntp Ntp 4.3.59 (including) 4.3.59 (including)
Ntp Ntp 4.3.60 (including) 4.3.60 (including)
Ntp Ntp 4.3.61 (including) 4.3.61 (including)
Ntp Ntp 4.3.62 (including) 4.3.62 (including)
Ntp Ntp 4.3.63 (including) 4.3.63 (including)
Ntp Ntp 4.3.64 (including) 4.3.64 (including)
Ntp Ntp 4.3.65 (including) 4.3.65 (including)
Ntp Ntp 4.3.66 (including) 4.3.66 (including)
Ntp Ntp 4.3.67 (including) 4.3.67 (including)
Ntp Ntp 4.3.68 (including) 4.3.68 (including)
Ntp Ntp 4.3.69 (including) 4.3.69 (including)
Ntp Ntp 4.3.70 (including) 4.3.70 (including)
Ntp Ntp 4.3.71 (including) 4.3.71 (including)
Ntp Ntp 4.3.72 (including) 4.3.72 (including)
Ntp Ntp 4.3.73 (including) 4.3.73 (including)
Ntp Ntp 4.3.74 (including) 4.3.74 (including)
Ntp Ntp 4.3.75 (including) 4.3.75 (including)
Ntp Ntp 4.3.76 (including) 4.3.76 (including)
Ntp Ntp 4.3.77 (including) 4.3.77 (including)
Ntp Ntp 4.3.78 (including) 4.3.78 (including)
Ntp Ntp 4.3.79 (including) 4.3.79 (including)
Ntp Ntp 4.3.80 (including) 4.3.80 (including)
Ntp Ntp 4.3.81 (including) 4.3.81 (including)
Ntp Ntp 4.3.82 (including) 4.3.82 (including)
Ntp Ntp 4.3.83 (including) 4.3.83 (including)
Ntp Ntp 4.3.84 (including) 4.3.84 (including)
Ntp Ntp 4.3.85 (including) 4.3.85 (including)
Ntp Ntp 4.3.86 (including) 4.3.86 (including)
Ntp Ntp 4.3.87 (including) 4.3.87 (including)
Ntp Ntp 4.3.88 (including) 4.3.88 (including)
Ntp Ntp 4.3.89 (including) 4.3.89 (including)
Red Hat Enterprise Linux 7 RedHat ntp-0:4.2.6p5-25.el7 *
Ntp Ubuntu precise *
Ntp Ubuntu trusty *
Ntp Ubuntu upstream *
Ntp Ubuntu vivid *
Ntp Ubuntu vivid/stable-phone-overlay *
Ntp Ubuntu wily *
Ntp Ubuntu xenial *

References