1
PublicDateAtUSN: 2015-10-22
2
Candidate: CVE-2015-7852
5
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7852
6
http://support.ntp.org/bin/view/Main/SecurityNotice#October_2015_NTP_Security_Vulner
7
http://blog.talosintel.com/2015/10/ntpd-vulnerabilities.html
8
http://talosintel.com/reports/TALOS-2015-0063/
9
https://usn.ubuntu.com/usn/usn-2783-1
11
ntpq in NTP 4.2.x before 4.2.8p4, and 4.3.x before 4.3.77 allows remote
12
attackers to cause a denial of service (crash) via crafted mode 6 response
17
http://bugs.ntp.org/show_bug.cgi?id=2919
19
Discovered-by: Yves Younan and Aleksander Nikolich
23
upstream: https://github.com/ntp-project/ntp/commit/07a5b8141e354a998a52994c3c9cd547927e56ce
24
upstream_ntp: needs-triage
25
precise_ntp: released (1:4.2.6.p3+dfsg-1ubuntu3.6)
26
trusty_ntp: released (1:4.2.6.p5+dfsg-3ubuntu2.14.04.5)
27
vivid_ntp: released (1:4.2.6.p5+dfsg-3ubuntu6.2)
28
wily_ntp: released (1:4.2.6.p5+dfsg-3ubuntu8.1)
29
devel_ntp: released (1:4.2.6.p5+dfsg-3ubuntu8.1)
30
vivid/stable-phone-overlay_ntp: released (1:4.2.6.p5+dfsg-3ubuntu6.2)
31
vivid/ubuntu-core_ntp: DNE