Lucene search

K

Veracode Vulnerability DatabaseVERACODE:16916

HistoryMay 02, 2019 - 5:29 a.m.

Denial Of Service (DoS)

2019-05-0205:29:36

Veracode Vulnerability Database

sca.analysiscenter.veracode.com

4

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

ntp is vulnerable to denial of service. It was found that ntpd would exit with a segmentation fault when a statistics type that was not enabled during compilation (e.g. timingstats) was referenced by the statistics or filegen configuration command.

CPENameOperatorVersion
ntpeq4.2.6p5__1.el6
ntpeq4.2.4p8__3.el6
ntpeq4.2.6p5__2.el6_5
ntpeq4.2.6p5__2.el6_6
ntpeq4.2.6p5__5.el6
ntpeq4.2.4p8__2.el6
ntpeq4.2.6p5__5.el6_7.2
ntpeq4.2.6p5__5.el6_7.4
ntpeq4.2.6p5__3.el6_6
ntpeq4.2.6p5__1.el6

Rows per page:

1-10 of 181

References

lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html

lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html

lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html

rhn.redhat.com/errata/RHSA-2016-0780.html

rhn.redhat.com/errata/RHSA-2016-2583.html

www.debian.org/security/2015/dsa-3388

www.openwall.com/lists/oss-security/2015/08/25/3

www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html

www.securityfocus.com/bid/76474

www.ubuntu.com/usn/USN-2783-1

access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.8_Release_Notes/index.html

access.redhat.com/documentation/en-US/Red_Hat_Enterprise_Linux/6/html/6.8_Technical_Notes/index.html

access.redhat.com/errata/RHSA-2016:0780

access.redhat.com/errata/RHSA-2016:2583

access.redhat.com/security/cve/CVE-2015-5195

access.redhat.com/security/updates/classification/#moderate

bugzilla.redhat.com/show_bug.cgi?id=1254544

bugzilla.redhat.com/show_bug.cgi?id=1286969

github.com/ntp-project/ntp/commit/52e977d79a0c4ace997e5c74af429844da2f27be

rhn.redhat.com/errata/RHSA-2016-0780.html

www-01.ibm.com/support/docview.wss?uid=isg3T1024157

www-01.ibm.com/support/docview.wss?uid=swg21985122

www-01.ibm.com/support/docview.wss?uid=swg21986956

www-01.ibm.com/support/docview.wss?uid=swg21988706

www-01.ibm.com/support/docview.wss?uid=swg21989542

7.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

5 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

Related for VERACODE:16916

ubuntucve1 debiancve1 prion1 cve2 openvas13 nessus20 f52 fedora3 mageia1 amazon1 centos2 redhat2 oraclelinux2 ibm7 osv2 securityvulns2 debian2 ubuntu1