Ntp · Ntp Ntpd · CVE-2015-7703
**Name of the Vulnerable Software and Affected Versions**
NTP ntpd versions 4.2.x through 4.2.8p3
NTP ntpd versions 4.3.x through 4.3.76
**Description**
The issue allows remote attackers with an IP address that is allowed to send configuration requests, and with knowledge of the remote configuration password, to write to arbitrary files via the :config command. This is possible when ntpd is configured to allow remote configuration.
**Recommendations**
For NTP ntpd versions 4.2.x through 4.2.8p3, update to version 4.2.8p4 or later.
For NTP ntpd versions 4.3.x through 4.3.76, update to version 4.3.77 or later.