CVE-2015-5219 - The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions fr

CVE-2015-5219

Summary

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

References

Vulnerable Configurations

cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
cpe:2.3:o:suse:manager_proxy:2.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:manager_proxy:2.1:*:*:*:*:*:*:*
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*
cpe:2.3:o:suse:manager:2.1:*:*:*:*:*:*:*
cpe:2.3:o:suse:manager:2.1:*:*:*:*:*:*:*
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*
cpe:2.3:o:suse:openstack_cloud:5:*:*:*:*:*:*:*
cpe:2.3:o:suse:openstack_cloud:5:*:*:*:*:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.2.7:p355:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.2.7:p355:*:*:*:*:*:*
cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*
cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*
cpe:2.3:o:siemens:tim_4r-ie_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:tim_4r-ie_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:tim_4r-ie:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:tim_4r-ie:-:*:*:*:*:*:*:*
cpe:2.3:o:siemens:tim_4r-id_dnp3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:o:siemens:tim_4r-id_dnp3_firmware:*:*:*:*:*:*:*:*
cpe:2.3:h:siemens:tim_4r-id_dnp3:-:*:*:*:*:*:*:*
cpe:2.3:h:siemens:tim_4r-id_dnp3:-:*:*:*:*:*:*:*
cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*
cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*

CVSS

Base:	5.0 (as of 13-02-2023 - 00:51)
Impact:
Exploitability:

CWE

CWE-704

CAPEC

Access

Vector	Complexity	Authentication
NETWORK	LOW	NONE

Impact

Confidentiality	Integrity	Availability
NONE	NONE	PARTIAL

cvss-vector via4

AV:N/AC:L/Au:N/C:N/I:N/A:P

redhat via4

advisories

rhsa
id RHSA-2016:0780
rhsa
id RHSA-2016:2583

rpms

ntp-0:4.2.6p5-10.el6
ntp-debuginfo-0:4.2.6p5-10.el6
ntp-doc-0:4.2.6p5-10.el6
ntp-perl-0:4.2.6p5-10.el6
ntpdate-0:4.2.6p5-10.el6
ntp-0:4.2.6p5-25.el7
ntp-debuginfo-0:4.2.6p5-25.el7
ntp-doc-0:4.2.6p5-25.el7
ntp-perl-0:4.2.6p5-25.el7
ntpdate-0:4.2.6p5-25.el7
sntp-0:4.2.6p5-25.el7

refmap via4

bid	76473
confirm	http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=51786731Gr4-NOrTBC_a_uXO4wuGhg http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html https://bugzilla.redhat.com/show_bug.cgi?id=1255118 https://github.com/ntp-project/ntp/commit/5f295cd05c3c136d39f5b3e500a2d781bdbb59c8 https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157 https://www-01.ibm.com/support/docview.wss?uid=swg21985122 https://www-01.ibm.com/support/docview.wss?uid=swg21986956 https://www-01.ibm.com/support/docview.wss?uid=swg21988706 https://www-01.ibm.com/support/docview.wss?uid=swg21989542 https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099409
debian	DSA-3388
fedora	FEDORA-2015-14212 FEDORA-2015-14213 FEDORA-2015-77bfbc1bcd
mlist	[oss-security] 20150825 Several low impact ntp.org ntpd issues
suse	SUSE-SU:2016:1311 openSUSE-SU:2016:3280
ubuntu	USN-2783-1

Last major update

13-02-2023 - 00:51

Published

21-07-2017 - 14:29

Last modified

13-02-2023 - 00:51