Lucene search

[email protected]NVD:CVE-2015-5194

HistoryJul 21, 2017 - 2:29 p.m.

CVE-2015-5194

2017-07-2114:29:00

CWE-20

[email protected]

web.nvd.nist.gov

CVSS2

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:N/I:N/A:P

CVSS3

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

NONE

User Interaction

NONE

Scope

UNCHANGED

Confidentiality Impact

NONE

Integrity Impact

NONE

Availability Impact

HIGH

CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

AI Score

7.2

Confidence

High

EPSS

0.055

Percentile

93.3%

JSON

The log_config_command function in ntp_parser.y in ntpd in NTP before 4.2.7p42 allows remote attackers to cause a denial of service (ntpd crash) via crafted logconfig commands.

Affected configurations

Nvd

Node

fedoraprojectfedoraMatch21

fedoraprojectfedoraMatch22

Node

suselinux_enterprise_debuginfoMatch11sp2

suselinux_enterprise_debuginfoMatch11sp3

suselinux_enterprise_serverMatch10sp4ltss

suselinux_enterprise_serverMatch11sp2ltss

suselinux_enterprise_serverMatch11sp3ltss

susemanagerMatch2.1

susemanager_proxyMatch2.1

suseopenstack_cloudMatch5

Node

redhatenterprise_linux_desktopMatch6.0

redhatenterprise_linux_desktopMatch7.0

redhatenterprise_linux_hpc_nodeMatch6.0

redhatenterprise_linux_hpc_nodeMatch7.0

redhatenterprise_linux_serverMatch6.0

redhatenterprise_linux_serverMatch7.0

redhatenterprise_linux_workstationMatch6.0

redhatenterprise_linux_workstationMatch7.0

Node

debiandebian_linuxMatch7.0

debiandebian_linuxMatch8.0

Node

canonicalubuntu_linuxMatch12.04lts

canonicalubuntu_linuxMatch14.04lts

canonicalubuntu_linuxMatch15.04

canonicalubuntu_linuxMatch15.10

Node

ntpntpRange≤4.2.7p40

VendorProductVersionCPE
fedoraprojectfedora21cpe:2.3:o:fedoraproject:fedora:21:*:*:*:*:*:*:*
fedoraprojectfedora22cpe:2.3:o:fedoraproject:fedora:22:*:*:*:*:*:*:*
suselinux_enterprise_debuginfo11cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2:*:*:*:*:*:*
suselinux_enterprise_debuginfo11cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3:*:*:*:*:*:*
suselinux_enterprise_server10cpe:2.3:o:suse:linux_enterprise_server:10:sp4:*:*:ltss:*:*:*
suselinux_enterprise_server11cpe:2.3:o:suse:linux_enterprise_server:11:sp2:*:*:ltss:*:*:*
suselinux_enterprise_server11cpe:2.3:o:suse:linux_enterprise_server:11:sp3:*:*:ltss:*:*:*
susemanager2.1cpe:2.3:o:suse:manager:2.1:*:*:*:*:*:*:*
susemanager_proxy2.1cpe:2.3:o:suse:manager_proxy:2.1:*:*:*:*:*:*:*
suseopenstack_cloud5cpe:2.3:o:suse:openstack_cloud:5:*:*:*:*:*:*:*

Vendor	Product	Version	CPE
fedoraproject	fedora	21	cpe:2.3:o:fedoraproject:fedora:21:::::::*
fedoraproject	fedora	22	cpe:2.3:o:fedoraproject:fedora:22:::::::*
suse	linux_enterprise_debuginfo	11	cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2::::::
suse	linux_enterprise_debuginfo	11	cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3::::::
suse	linux_enterprise_server	10	cpe:2.3:o:suse:linux_enterprise_server:10:sp4:::ltss:::*
suse	linux_enterprise_server	11	cpe:2.3:o:suse:linux_enterprise_server:11:sp2:::ltss:::*
suse	linux_enterprise_server	11	cpe:2.3:o:suse:linux_enterprise_server:11:sp3:::ltss:::*
suse	manager	2.1	cpe:2.3:o:suse:manager:2.1:::::::*
suse	manager_proxy	2.1	cpe:2.3:o:suse:manager_proxy:2.1:::::::*
suse	openstack_cloud	5	cpe:2.3:o:suse:openstack_cloud:5:::::::*