← back
CVE-2015-7851

CVE-2015-7851

EPSS 3.9%
Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use '\' or '/' characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files.
Affected products
n/a · n/a

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →
References
http://support.ntp.org/bin/view/Main/NtpBug2918http://support.ntp.org/bin/view/Main/SecurityNoticehttp://www.talosintel.com/reports/TALOS-2015-0062/