7.5

CVE-2015-5195

ntp_openssl.m4 in ntpd in NTP before 4.2.7p112 allows remote attackers to cause a denial of service (segmentation fault) via a crafted statistics or filegen configuration command that is not enabled during compilation.
Daten sind bereitgestellt durch National Vulnerability Database (NVD)
FedoraprojectFedora Version21
FedoraprojectFedora Version22
FedoraprojectFedora Version23
DebianDebian Linux Version7.0
DebianDebian Linux Version8.0
CanonicalUbuntu Linux Version12.04 SwEditionlts
CanonicalUbuntu Linux Version14.04 SwEditionlts
CanonicalUbuntu Linux Version15.04
CanonicalUbuntu Linux Version15.10
NtpNtp Updatep111 Version <= 4.2.7
Zu dieser CVE wurde keine Warnung gefunden.
EPSS Metriken
Typ Quelle Score Percentile
EPSS FIRST.org 7.48% 0.937
CVSS Metriken
Quelle Base Score Exploit Score Impact Score Vector String
nvd@nist.gov 7.5 3.9 3.6
CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
nvd@nist.gov 5 10 2.9
AV:N/AC:L/Au:N/C:N/I:N/A:P
CWE-20 Improper Input Validation

The product receives input or data, but it does not validate or incorrectly validates that the input has the properties that are required to process the data safely and correctly.

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html
http://www.debian.org/security/2015/dsa-3388
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-2583.html
Third Party Advisory
http://rhn.redhat.com/errata/RHSA-2016-0780.html
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html
Third Party Advisory
http://www.openwall.com/lists/oss-security/2015/08/25/3
Patch
Third Party Advisory
Mailing List
http://www.ubuntu.com/usn/USN-2783-1
Third Party Advisory
https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157
Third Party Advisory
https://www-01.ibm.com/support/docview.wss?uid=swg21985122
Third Party Advisory
https://www-01.ibm.com/support/docview.wss?uid=swg21986956
Third Party Advisory
https://www-01.ibm.com/support/docview.wss?uid=swg21988706
Third Party Advisory
https://www-01.ibm.com/support/docview.wss?uid=swg21989542
Third Party Advisory
http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html
Third Party Advisory
http://www.securityfocus.com/bid/76474
Third Party Advisory
VDB Entry
https://bugzilla.redhat.com/show_bug.cgi?id=1254544
Issue Tracking
https://github.com/ntp-project/ntp/commit/52e977d79a0c4ace997e5c74af429844da2f27be
Patch
Third Party Advisory
Issue Tracking