Home

CVE-2015-7855

Description

The decodenetnum function in ntpd in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote attackers to cause a denial of service (assertion failure) via a 6 or mode 7 packet containing a long data value.

Risk Information

Base Score
6.5
MODERATE
Vector
CVSS:3.1/AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:N/A:H
EPSS Score
Exploitation Probability
60.116

Associated Vulnerability

VulnerabilityOS Platform
Multiple Vulnerabilities are affected in Netapp Oncommand Balance -Windows
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015 For Cisco IOS XE SoftwareNCM
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015 For Cisco IOSNCM
Multiple Vulnerabilities in ntpd Affecting Cisco Products - October 2015 For Cisco NX-OS SoftwareNCM
Improper Input Validation Vulnerability (CVE-2015-7855)NCM

Patch Details

Click to see the patches provided by ManageEngine for this CVE
Patch IDPatch Description
PATCH-1706107Security Update for Cisco IOS XE Software 5.2(1)SV5(1.3a)
PATCH-1706090Security Update for Cisco IOS Amsterdam-17.2.1r
PATCH-1706149Security Update for Cisco NX-OS Software 4.1(3a)UCSM

References

https://nvd.nist.gov/vuln/detail/CVE-2023-1234
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2023-1234