Attacker Value
Unknown
CVE-2015-5219
CVE-2015-5219
(Last updated October 05, 2023) ▾
MITRE ATT&CK
Log in to add MITRE ATT&CK tag
Add MITRE ATT&CK tactics and techniques that apply to this CVE.
Description
The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.
Add Assessment
No one has assessed this topic. Be the first to add your voice to the community.
CVSS V3 Severity and Metrics
Data provided by the National Vulnerability Database (NVD)
Base Score:
7.5 High
Impact Score:
3.6
Exploitability Score:
3.9
Attack Vector (AV):
Network
Attack Complexity (AC):
Low
Privileges Required (PR):
None
User Interaction (UI):
None
Scope (S):
Unchanged
Confidentiality (C):
None
Integrity (I):
None
Availability (A):
High
General Information
Vendors
- canonical,
- debian,
- fedoraproject,
- novell,
- ntp,
- opensuse,
- oracle,
- redhat,
- siemens,
- suse
Products
- debian linux 7.0,
- debian linux 8.0,
- enterprise linux desktop 6.0,
- enterprise linux desktop 7.0,
- enterprise linux hpc node 6.0,
- enterprise linux hpc node 7.0,
- enterprise linux server 6.0,
- enterprise linux server 7.0,
- enterprise linux workstation 6.0,
- enterprise linux workstation 7.0,
- fedora 21,
- fedora 22,
- fedora 23,
- leap 42.1,
- leap 42.2,
- linux 6,
- linux enterprise debuginfo 11,
- linux enterprise server 10,
- linux enterprise server 11,
- manager 2.1,
- manager proxy 2.1,
- ntp,
- openstack cloud 5,
- tim 4r-id dnp3 firmware,
- tim 4r-ie firmware,
- ubuntu linux 12.04,
- ubuntu linux 14.04,
- ubuntu linux 15.04,
- ubuntu linux 15.10
References
Advisory
