DEBIAN-CVE-2015-5194

The logconfigcommand function in ntpparser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service ntpd crash via crafted logconfig commands...

CVE-2015-5194

CVE-2015-5194: ntpd’s log_config_command in ntp_parser.y allows remote attackers to crash ntpd via crafted logconfig commands. Affected are ntpd before 4.2.7p42; remediation is to upgrade to a fixed version (4.2.7p42+). Connected advisories from F5/IBM detail affected products and patch guidance ...

CVE-2015-5194

The logconfigcommand function in ntpparser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service ntpd crash via crafted logconfig commands...

ntp: crash with crafted logconfig configuration command

It was found that ntpd could crash due to an uninitialized variable when processing malformed logconfig configuration commands...

ntp security and bug fix update

4.2.6p5-10 - don't accept server/peer packets with zero origin timestamp CVE-2015-8138 - fix crash with reslist command CVE-2015-7977, CVE-2015-7978 4.2.6p5-9 - fix crash with invalid logconfig command CVE-2015-5194 - fix crash when referencing disabled statistic type CVE-2015-5195 - don't hang i...

ntp: crash with crafted logconfig configuration command

It was found that ntpd could crash due to an uninitialized variable when processing malformed logconfig configuration commands...

Ubuntu 14.04 LTS : NTP vulnerabilities (USN-2783-1)

The remote Ubuntu 14.04 LTS host has packages installed that are affected by multiple vulnerabilities as referenced in the USN-2783-1 advisory. Aleksis Kauppinen discovered that NTP incorrectly handled certain remote config packets. In a non-default configuration, a remote authenticated attacker...

NTP logconfig configuration command denial of service vulnerability

Network Time Protocol is a protocol used to synchronize a computer's time to its server or clock source e.g., quartz clock, GPS, etc.. NTP crashes due to uninitialized variables when processing the malformed logconfig configuration command ntpd, allowing remote attackers to exploit the...

UBUNTU-CVE-2015-5194

The logconfigcommand function in ntpparser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service ntpd crash via crafted logconfig commands...

OracleVM 3.3 : ntp (OVMSA-2015-0102)

The remote OracleVM system is missing necessary patches to address critical security updates : - reject packets without MAC when authentication is enabled CVE-2015-1798 - protect symmetric associations with symmetric key against DoS attack CVE-2015-1799 - fix generation of MD5 keys with ntp-keyge...

PT-2015-6797 · Nts +5 · Ntp +5

Name of the Vulnerable Software and Affected Versions: ntp versions prior to 4.2.7p42 Description: The issue allows remote attackers to cause a denial of service, resulting in the ntpd crash, via crafted logconfig commands. This is due to an uninitialized variable when processing malformed...