CVE-2015-5300 — HIGH (7.5) — White Hats Nepal

Q: How severe is CVE-2015-5300?

CVE-2015-5300 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Q: Is there a patch for CVE-2015-5300?

Check the references section above for vendor advisories and patch information. Affected products include: Fedoraproject Fedora, Suse Linux Enterprise Debuginfo, Opensuse Leap, Opensuse Opensuse, Suse Linux Enterprise Desktop.

Vulnerability Description

The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).

CVSS Score

7.5

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality

NONE

Integrity

NONE

Availability

HIGH

Affected Products

Vendor	Product	Versions
Fedoraproject	Fedora	21
Suse	Linux Enterprise Debuginfo	11
Opensuse	Leap	42.1
Opensuse	Opensuse	13.2
Suse	Linux Enterprise Desktop	12
Suse	Linux Enterprise Server	10
Suse	Linux Enterprise Software Development Kit	12
Suse	Manager	2.1
Suse	Manager Proxy	2.1
Suse	Openstack Cloud	5
Suse	Suse Linux Enterprise Server	12
Redhat	Enterprise Linux Desktop	6.0
Redhat	Enterprise Linux Hpc Node	6.0
Redhat	Enterprise Linux Hpc Node Eus	7.1
Redhat	Enterprise Linux Server	6.0
Redhat	Enterprise Linux Server Eus	6.7.z
Redhat	Enterprise Linux Workstation	6.0
Debian	Debian Linux	7.0
Canonical	Ubuntu Linux	12.04
Ntp	Ntp	<= 4.2.8

Related Weaknesses (CWE)

CWE-361

References

http://aix.software.ibm.com/aix/efixes/security/ntp_advisory5.ascThird Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170684.hThird Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.hThird Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2016-February/177507.hThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00059.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-04/msg00060.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00020.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00038.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.htmlThird Party Advisory
http://lists.opensuse.org/opensuse-updates/2016-05/msg00114.htmlThird Party Advisory
http://rhn.redhat.com/errata/RHSA-2015-1930.htmlThird Party Advisory
http://seclists.org/bugtraq/2016/Feb/164Mailing ListThird Party Advisory
http://support.ntp.org/bin/view/Main/NtpBug2956Issue TrackingPatchVendor Advisory

FAQ

What is CVE-2015-5300?

CVE-2015-5300 is a vulnerability with a CVSS score of 7.5 (HIGH). The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to ...

How severe is CVE-2015-5300?

CVE-2015-5300 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.

Is there a patch for CVE-2015-5300?

Check the references section above for vendor advisories and patch information. Affected products include: Fedoraproject Fedora, Suse Linux Enterprise Debuginfo, Opensuse Leap, Opensuse Opensuse, Suse Linux Enterprise Desktop.