CVE-2015-7851

Directory traversal vulnerability in the save_config function in ntpd in ntp_control.c in NTP before 4.2.8p4, when used on systems that do not use ” or ‘/’ characters for directory separation such as OpenVMS, allows remote authenticated users to overwrite arbitrary files.

Source: CVE-2015-7851