CVE-2015-5194 — HIGH (7.5) — White Hats Nepal

Q: What is CVE-2015-5194?

CVE-2015-5194 is a vulnerability with a CVSS score of 7.5 (HIGH). The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

Q: How severe is CVE-2015-5194?

CVE-2015-5194 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-5194?

Check the references section above for vendor advisories and patch information. Affected products include: Fedoraproject Fedora, Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Server, Suse Manager, Suse Manager Proxy.

Vulnerability Description

The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Fedoraproject	Fedora	21
Suse	Linux Enterprise Debuginfo	11
Suse	Linux Enterprise Server	10
Suse	Manager	2.1
Suse	Manager Proxy	2.1
Suse	Openstack Cloud	5
Redhat	Enterprise Linux Desktop	6.0
Redhat	Enterprise Linux Hpc Node	6.0
Redhat	Enterprise Linux Server	6.0
Redhat	Enterprise Linux Workstation	6.0
Debian	Debian Linux	7.0
Canonical	Ubuntu Linux	12.04
Ntp	Ntp	<= 4.2.7

Related Weaknesses (CWE)

CWE-20

References

http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=4c4fc141LwvcoGp-lLGhkAFp3ZvtrAIssue TrackingPatchVendor Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.hThird Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.htThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0780.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2583.htmlThird Party Advisory
http://www.debian.org/security/2015/dsa-3388Third Party Advisory
http://www.openwall.com/lists/oss-security/2015/08/25/3Mailing ListPatchThird Party Advisory
http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.h
http://www.securityfocus.com/bid/76475Third Party AdvisoryVDB Entry
http://www.ubuntu.com/usn/USN-2783-1Third Party Advisory
https://bugzilla.redhat.com/show_bug.cgi?id=1254542Issue TrackingPatch
https://github.com/ntp-project/ntp/commit/553f2fa65865c31c5e3c48812cfd46176cffddIssue TrackingPatchThird Party Advisory

FAQ

What is CVE-2015-5194?

CVE-2015-5194 is a vulnerability with a CVSS score of 7.5 (HIGH). The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

How severe is CVE-2015-5194?

CVE-2015-5194 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-5194?

Check the references section above for vendor advisories and patch information. Affected products include: Fedoraproject Fedora, Suse Linux Enterprise Debuginfo, Suse Linux Enterprise Server, Suse Manager, Suse Manager Proxy.