Your submission was sent successfully! Close

CVE-2015-5219

Published: 25 August 2015

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

Priority

Low

CVSS 3 base score: 7.5

Status

Package Release Status
ntp
Launchpad, Ubuntu, Debian
precise
Released (1:4.2.6.p3+dfsg-1ubuntu3.6)
trusty
Released (1:4.2.6.p5+dfsg-3ubuntu2.14.04.5)
upstream Needed

vivid
Released (1:4.2.6.p5+dfsg-3ubuntu6.2)
wily
Released (1:4.2.6.p5+dfsg-3ubuntu8.1)