- Home
- CVEs with nessus.description==CVE-2015-5194
The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.
CVE-2015-5195 ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.
Impact
The ntpd process could stop responding, due to an uninitialized variable, when processing malformed configuration commands.
F5 has evaluated this vulnerability as having low impact to the BIG-IP product line for the following reasons :
This issue is not exposed in a BIG-IP system default configuration.
The configuration that exposes the issue is not recommended by F5.
Max CVSS | 0 |
Min CVSS | 0 |
Total Count | 2 |
| ID | CVSS | Summary | Last (major) update | Published |
Back to Top
Mark selected
Back to Top