National Vulnerability Database

National Vulnerability Database

National Vulnerability
Database

Vulnerability Change Record for CVE-2015-7976

Change History

Initial Analysis - 2/24/2017 2:00:20 PM

Action Type Old Value New Value
Added CPE Configuration
OR
     *cpe:2.3:a:ntp:ntp:4.2.8:p5:*:*:*:*:*:* (and previous)
Changed Reference Type
https://security.gentoo.org/glsa/201607-15 No Types Assigned
https://security.gentoo.org/glsa/201607-15 Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html No Types Assigned
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.html Third Party Advisory
Added CPE Configuration
OR
     *cpe:2.3:a:ntp:ntp:4.3.0:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.1:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.10:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.11:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.12:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.13:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.14:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.15:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.16:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.17:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.18:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.19:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.2:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.20:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.21:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.22:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.23:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.24:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.25:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.26:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.27:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.28:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.29:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.3:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.30:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.31:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.32:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.33:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.34:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.35:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.36:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.37:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.38:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.39:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.4:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.40:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.41:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.42:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.43:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.44:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.45:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.46:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.47:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.48:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.49:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.5:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.50:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.51:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.52:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.53:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.54:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.55:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.56:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.57:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.58:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.59:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.6:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.60:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.61:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.62:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.63:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.64:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.65:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.66:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.67:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.68:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.69:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.7:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.70:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.71:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.72:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.73:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.74:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.75:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.76:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.77:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.78:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.79:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.8:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.80:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.81:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.82:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.83:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.84:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.85:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.86:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.87:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.88:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.89:*:*:*:*:*:*:*
     *cpe:2.3:a:ntp:ntp:4.3.9:*:*:*:*:*:*:*
Changed Reference Type
http://www.securitytracker.com/id/1034782 No Types Assigned
http://www.securitytracker.com/id/1034782 Third Party Advisory, VDB Entry
Added CPE Configuration
OR
     *cpe:2.3:a:ntp:ntp:4.1.2:*:*:*:*:*:*:*
Changed Reference Type
https://www.kb.cert.org/vuls/id/718152 No Types Assigned
https://www.kb.cert.org/vuls/id/718152 Third Party Advisory, US Government Resource
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html Third Party Advisory
Changed Reference Type
https://bto.bluecoat.com/security-advisory/sa113 No Types Assigned
https://bto.bluecoat.com/security-advisory/sa113 Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.html Third Party Advisory
Added CPE Configuration
OR
     *cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*
     *cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*
     *cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp4:*:*:*:*:*:*
     *cpe:2.3:a:suse:manager:2.1:*:*:*:*:*:*:*
     *cpe:2.3:a:suse:manager_proxy:2.1:*:*:*:*:*:*:*
     *cpe:2.3:o:novell:leap:42.1:*:*:*:*:*:*:*
     *cpe:2.3:o:novell:opensuse:13.2:*:*:*:*:*:*:*
     *cpe:2.3:o:novell:suse_openstack_cloud:5:*:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_desktop:12:*:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_desktop:12:sp1:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:11:sp4:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:12:*:*:*:*:*:*:*
     *cpe:2.3:o:suse:linux_enterprise_server:12:sp1:*:*:*:*:*:*
Added CWE
CWE-254
Added CVSS V2
(AV:N/AC:L/Au:S/C:N/I:P/A:N)
Added CVSS V3
AV:N/AC:L/PR:L/UI:N/S:U/C:N/I:L/A:N
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.html Third Party Advisory
Changed Reference Type
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html No Types Assigned
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.html Third Party Advisory
Changed Reference Type
http://support.ntp.org/bin/view/Main/NtpBug2938 No Types Assigned
http://support.ntp.org/bin/view/Main/NtpBug2938 Vendor Advisory
Changed Reference Type
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd No Types Assigned
http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/cisco-sa-20160127-ntpd Third Party Advisory
Changed Reference Type
http://www.ubuntu.com/usn/USN-3096-1 No Types Assigned
http://www.ubuntu.com/usn/USN-3096-1 Third Party Advisory