Rapid7 Vulnerability & Exploit Database

Oracle Linux: CVE-2015-7852: ELSA-2016-2583 - ntp security and bug fix update

Back to Search

Oracle Linux: CVE-2015-7852: ELSA-2016-2583 - ntp security and bug fix update

Severity
8
CVSS
(AV:N/AC:L/Au:N/C:P/I:P/A:P)
Published
10/27/2015
Created
07/25/2018
Added
05/12/2016
Modified
06/22/2020

Description

Crypto-NAK packets in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to bypass authentication.

Solution(s)

  • oracle-linux-upgrade-ntp
  • oracle-linux-upgrade-ntp-doc
  • oracle-linux-upgrade-ntp-perl
  • oracle-linux-upgrade-ntpdate
  • oracle-linux-upgrade-sntp

References

  • 75589
  • 76473
  • 76474
  • 76475
  • 77273
  • 77274
  • 77278
  • 77279
  • 77280
  • 77281
  • 77283
  • 77284
  • 77285
  • 77286
  • 77287
  • 77288
  • 77312
  • 718152
  • DSA-3388
  • Category I
  • 2017-A-0028
  • CVE-2015-5146
  • CVE-2015-5194
  • CVE-2015-5195
  • CVE-2015-5219
  • CVE-2015-5300
  • CVE-2015-7691
  • CVE-2015-7692
  • CVE-2015-7701
  • CVE-2015-7702
  • CVE-2015-7703
  • CVE-2015-7704
  • CVE-2015-7705
  • CVE-2015-7850
  • CVE-2015-7852
  • CVE-2015-7853
  • CVE-2015-7855
  • CVE-2015-7871
  • RHSA-2015:1930
  • RHSA-2015:2520
  • RHSA-2016:0780
  • RHSA-2016:2583
View more

insightVM

Advanced vulnerability management analytics and reporting.
Key Features
Free InsightVM Trial View All Features

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;