CVE-2015-5219

HIGH
New! CVE Severity Now Using CVSS v3

The calculated severity for CVEs has been updated to use CVSS v3 by default. CVEs that do not have a CVSS v3 score will fall back CVSS v2 for calculating severity. Severity display preferences can be toggled in the settings dropdown.

Description

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

References

https://www-01.ibm.com/support/docview.wss?uid=swg21989542

https://www-01.ibm.com/support/docview.wss?uid=swg21988706

https://www-01.ibm.com/support/docview.wss?uid=swg21986956

https://www-01.ibm.com/support/docview.wss?uid=swg21985122

https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157

https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099409

https://github.com/ntp-project/ntp/commit/5f295cd05c3c136d39f5b3e500a2d781bdbb59c8

https://bugzilla.redhat.com/show_bug.cgi?id=1255118

http://www.ubuntu.com/usn/USN-2783-1

http://www.securityfocus.com/bid/76473

http://www.openwall.com/lists/oss-security/2015/08/25/3

http://www.debian.org/security/2015/dsa-3388

http://rhn.redhat.com/errata/RHSA-2016-2583.html

http://rhn.redhat.com/errata/RHSA-2016-0780.html

http://lists.opensuse.org/opensuse-updates/2016-12/msg00153.html

http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html

http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html

http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc

http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=51786731Gr4-NOrTBC_a_uXO4wuGhg

http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf

https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11

Details

Source: MITRE

Published: 2017-07-21

Updated: 2021-04-19

Type: CWE-704

Risk Information

CVSS v2

Base Score: 5

Vector: AV:N/AC:L/Au:N/C:N/I:N/A:P

Impact Score: 2.9

Exploitability Score: 10

Severity: MEDIUM

CVSS v3

Base Score: 7.5

Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

Impact Score: 3.6

Exploitability Score: 3.9

Severity: HIGH

Vulnerable Software

Configuration 1

OR

cpe:2.3:o:fedoraproject:fedora:23:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*

cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*

Configuration 2

OR

cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*

cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*

cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*

cpe:2.3:o:suse:openstack_cloud:5:*:*:*:*:*:*:*

cpe:2.3:o:suse:manager_proxy:2.1:*:*:*:*:*:*:*

cpe:2.3:o:suse:manager:2.1:*:*:*:*:*:*:*

cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*

Configuration 3

OR

cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_server:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:*:*:*:*:*:*:*

cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:*:*:*:*:*:*:*

Configuration 4

OR

cpe:2.3:o:debian:debian_linux:8.0:*:*:*:*:*:*:*

cpe:2.3:o:debian:debian_linux:7.0:*:*:*:*:*:*:*

Configuration 5

OR

cpe:2.3:o:canonical:ubuntu_linux:15.04:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:15.10:*:*:*:*:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:14.04:*:*:*:lts:*:*:*

cpe:2.3:o:canonical:ubuntu_linux:12.04:*:*:*:lts:*:*:*

Configuration 6

OR

cpe:2.3:a:ntp:ntp:*:p355:*:*:*:*:*:* versions up to 4.2.7 (inclusive)

Configuration 7

OR

cpe:2.3:o:opensuse:leap:42.1:*:*:*:*:*:*:*

cpe:2.3:o:novell:leap:42.2:*:*:*:*:*:*:*

Configuration 8

AND

OR

cpe:2.3:o:siemens:tim_4r-ie_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:siemens:tim_4r-ie:-:*:*:*:*:*:*:*

Configuration 9

AND

OR

cpe:2.3:o:siemens:tim_4r-id_dnp3_firmware:*:*:*:*:*:*:*:*

OR

cpe:2.3:h:siemens:tim_4r-id_dnp3:-:*:*:*:*:*:*:*

Configuration 10

OR

cpe:2.3:o:oracle:linux:6:-:*:*:*:*:*:*

Tenable Plugins

View all (33 total)

IDNameProductFamilySeverity
125008EulerOS Virtualization 3.0.1.0 : ntp (EulerOS-SA-2019-1555)NessusHuawei Local Security Checks
high
102322AIX NTP v4 Advisory : ntp_advisory4.asc (IV79954) (IV79954)NessusAIX Local Security Checks
high
102321AIX NTP v3 Advisory : ntp_advisory4.asc (IV79942) (IV79943) (IV79944) (IV79945) (IV79946)NessusAIX Local Security Checks
high
99822EulerOS 2.0 SP1 : ntp (EulerOS-SA-2016-1060)NessusHuawei Local Security Checks
high
96715SUSE SLES11 Security Update : ntp (SUSE-SU-2017:0255-1)NessusSuSE Local Security Checks
high
96173openSUSE Security Update : ntp (openSUSE-2016-1525)NessusSuSE Local Security Checks
high
95988SUSE SLES12 Security Update : ntp (SUSE-SU-2016:3196-1)NessusSuSE Local Security Checks
high
95987SUSE SLED12 / SLES12 Security Update : ntp (SUSE-SU-2016:3195-1)NessusSuSE Local Security Checks
high
95986SUSE SLES11 Security Update : ntp (SUSE-SU-2016:3193-1)NessusSuSE Local Security Checks
high
95850Scientific Linux Security Update : ntp on SL7.x x86_64 (20161103)NessusScientific Linux Local Security Checks
high
95330CentOS 7 : ntp (CESA-2016:2583)NessusCentOS Local Security Checks
high
94705Oracle Linux 7 : ntp (ELSA-2016-2583)NessusOracle Linux Local Security Checks
high
94546RHEL 7 : ntp (RHSA-2016:2583)NessusRed Hat Local Security Checks
high
91539Scientific Linux Security Update : ntp on SL6.x i386/x86_64 (20160510)NessusScientific Linux Local Security Checks
high
91419OracleVM 3.3 / 3.4 : ntp (OVMSA-2016-0082)NessusOracleVM Local Security Checks
high
91248SUSE SLES11 Security Update : ntp (SUSE-SU-2016:1311-1)NessusSuSE Local Security Checks
critical
91169CentOS 6 : ntp (CESA-2016:0780)NessusCentOS Local Security Checks
high
91151Oracle Linux 6 : ntp (ELSA-2016-0780)NessusOracle Linux Local Security Checks
high
91076RHEL 6 : ntp (RHSA-2016:0780)NessusRed Hat Local Security Checks
high
89288Fedora 21 : ntp-4.2.6p5-34.fc21 (2015-77bfbc1bcd)NessusFedora Local Security Checks
critical
88059AIX 5.3 TL 12 : ntp (IV79946) (deprecated)NessusAIX Local Security Checks
medium
88058AIX 7.2 TL 0 : ntp (IV79945) (deprecated)NessusAIX Local Security Checks
medium
88057AIX 7.1 TL 4 : ntp (IV79944) (deprecated)NessusAIX Local Security Checks
medium
88056AIX 7.1 TL 3 : ntp (IV79943) (deprecated)NessusAIX Local Security Checks
high
88055AIX 6.1 TL 9 : ntp (IV79942) (deprecated)NessusAIX Local Security Checks
medium
88026F5 Networks BIG-IP : SNTP vulnerability (K60352002)NessusF5 Networks Local Security Checks
high
86682Debian DSA-3388-1 : ntp - security updateNessusDebian Local Security Checks
critical
86640Debian DLA-335-1 : ntp security updateNessusDebian Local Security Checks
critical
86631Network Time Protocol Daemon (ntpd) 3.x / 4.x < 4.2.8p4 Multiple VulnerabilitiesNessusMisc.
critical
86630Ubuntu 12.04 LTS / 14.04 LTS / 15.04 / 15.10 : ntp vulnerabilities (USN-2783-1)NessusUbuntu Local Security Checks
critical
86331Fedora 22 : ntp-4.2.6p5-33.fc22 (2015-14212)NessusFedora Local Security Checks
high
86027Fedora 23 : ntp-4.2.6p5-33.fc23 (2015-14213)NessusFedora Local Security Checks
high
85751Amazon Linux AMI : ntp (ALAS-2015-593)NessusAmazon Linux Local Security Checks
high