Wind River Support Network

HomeDefectsLIN5-20613
Fixed

LIN5-20613 : Security Advisory - ntp - CVE-2015-5146

Created: Jun 30, 2015    Updated: Dec 19, 2017
Resolved Date: Jul 6, 2015
Found In Version: 5.0.1.27
Fix Version: 5.0.1.29
Severity: Standard
Applicable for: Wind River Linux 5
Component/s: Userspace

Description

NTP CVE-2015-5146 [Sec 2853]

Under limited and specific circumstances an attacker can send a crafted packet to cause a vulnerable ntpd instance to crash. This requires each of the following to be true:

1. ntpd set up to allow for remote configuration (not allowed by default), and
2. knowledge of the configuration password, and
3. access to a computer entrusted to perform remote configuration.

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5146

Other Downloads


Live chat
Online