CVE - CVE-2015-5194

CVE-ID
CVE-2015-5194	Learn more at National Vulnerability Database (NVD) • CVSS Severity Rating • Fix Information • Vulnerable Software Versions • SCAP Mappings • CPE Information
Description
The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.
References
Note: References are provided for the convenience of the reader to help distinguish between vulnerabilities. The list is not intended to be complete.
MISC:76475 URL:http://www.securityfocus.com/bid/76475 MISC:DSA-3388 URL:http://www.debian.org/security/2015/dsa-3388 MISC:FEDORA-2015-14212 URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html MISC:FEDORA-2015-77bfbc1bcd URL:http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html MISC:RHSA-2016:0780 URL:http://rhn.redhat.com/errata/RHSA-2016-0780.html MISC:RHSA-2016:2583 URL:http://rhn.redhat.com/errata/RHSA-2016-2583.html MISC:SUSE-SU:2016:1311 URL:http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html MISC:SUSE-SU:2016:1912 URL:http://lists.opensuse.org/opensuse-security-announce/2016-07/msg00026.html MISC:SUSE-SU:2016:2094 URL:http://lists.opensuse.org/opensuse-security-announce/2016-08/msg00042.html MISC:USN-2783-1 URL:http://www.ubuntu.com/usn/USN-2783-1 MISC:[oss-security] 20150825 Several low impact ntp.org ntpd issues URL:http://www.openwall.com/lists/oss-security/2015/08/25/3 MISC:http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=4c4fc141LwvcoGp-lLGhkAFp3ZvtrA URL:http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=4c4fc141LwvcoGp-lLGhkAFp3ZvtrA MISC:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html URL:http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html MISC:https://bugzilla.redhat.com/show_bug.cgi?id=1254542 URL:https://bugzilla.redhat.com/show_bug.cgi?id=1254542 MISC:https://github.com/ntp-project/ntp/commit/553f2fa65865c31c5e3c48812cfd46176cffdd27 URL:https://github.com/ntp-project/ntp/commit/553f2fa65865c31c5e3c48812cfd46176cffdd27 MISC:https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157 URL:https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157 MISC:https://www-01.ibm.com/support/docview.wss?uid=swg21985122 URL:https://www-01.ibm.com/support/docview.wss?uid=swg21985122 MISC:https://www-01.ibm.com/support/docview.wss?uid=swg21986956 URL:https://www-01.ibm.com/support/docview.wss?uid=swg21986956 MISC:https://www-01.ibm.com/support/docview.wss?uid=swg21988706 URL:https://www-01.ibm.com/support/docview.wss?uid=swg21988706 MISC:https://www-01.ibm.com/support/docview.wss?uid=swg21989542 URL:https://www-01.ibm.com/support/docview.wss?uid=swg21989542
Assigning CNA
Red Hat, Inc.
Date Record Created
20150701	Disclaimer: The record creation date may reflect when the CVE ID was allocated or reserved, and does not necessarily indicate when this vulnerability was discovered, shared with the affected vendor, publicly disclosed, or updated in CVE.
Phase (Legacy)
Assigned (20150701)
Votes (Legacy)

Comments (Legacy)

Proposed (Legacy)
N/A
This is an record on the CVE List, which provides common identifiers for publicly known cybersecurity vulnerabilities.
Search CVE Using Keywords: You can also search by reference using the CVE Reference Maps.
For More Information: CVE Request Web Form (select "Other" from dropdown)

Use of the CVE® List and the associated references from this website are subject to the terms of use. CVE is sponsored by the U.S. Department of Homeland Security (DHS) Cybersecurity and Infrastructure Security Agency (CISA). Copyright © 1999–2024, The MITRE Corporation. CVE and the CVE logo are registered trademarks of The MITRE Corporation.