CVE-2015-5194

Опубликовано: 21 июл. 2017

Источник: debian

Описание

The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

Пакеты

Пакет	Статус	Версия исправления	Релиз	Тип
ntp	fixed	1:4.2.8p3+dfsg-1		package
ntp	no-dsa		jessie	package
ntp	no-dsa		wheezy	package
ntp	no-dsa		squeeze	package

Примечания

https://github.com/ntp-project/ntp/commit/553f2fa65865c31c5e3c48812cfd46176cffdd27
Fixed in 4.2.7p42

Связанные уязвимости

CVE-2015-5194

CVSS3: 7.5

ubuntu

около 8 лет назад

The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

CVE-2015-5194

redhat

почти 10 лет назад

The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

CVE-2015-5194

CVSS3: 7.5

nvd

около 8 лет назад

The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

GHSA-3263-mvg8-28x9

CVSS3: 7.5

github

больше 3 лет назад

The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

ELSA-2016-0780

oracle-oval

больше 9 лет назад

ELSA-2016-0780: ntp security and bug fix update (MODERATE)