Wind River Support Network

HomeDefectsLIN6-10085
Fixed

LIN6-10085 : Security Advisory - ntp - CVE-2015-5146

Created: Jun 30, 2015    Updated: Dec 3, 2018
Resolved Date: Jul 6, 2015
Found In Version: 6.0.0.20
Fix Version: 6.0.0.23
Severity: Standard
Applicable for: Wind River Linux 6
Component/s: Userspace

Description

NTP CVE-2015-5146 [Sec 2853]

Under limited and specific circumstances an attacker can send a crafted packet to cause a vulnerable ntpd instance to crash. This requires each of the following to be true:

1. ntpd set up to allow for remote configuration (not allowed by default), and
2. knowledge of the configuration password, and
3. access to a computer entrusted to perform remote configuration.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5146

Other Downloads


Live chat
Online