CVE-2015-5146 (retired)

Priority
Description
ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote
authenticated users with knowledge of the configuration password and access
to a computer entrusted to perform remote configuration to cause a denial
of service (service crash) via a NULL byte in a crafted configuration
directive packet.
Notes
 sarnold> non-default configuration, requires knowledge of remote
  authentication password, and ACL-authorized source
Assigned-to
mdeslaur
Package
Source: ntp (LP Ubuntu Debian)
Upstream:released (4.3.25, 4.2.8p3-RC1)
Ubuntu 16.04 LTS (Xenial Xerus):released (1:4.2.6.p5+dfsg-3ubuntu8.1)
Patches:
Upstream:https://github.com/ntp-project/ntp/commit/c3e7afb9cd88784c6b4f81182bd878fc3a2d23a1
More Information

Updated: 2019-08-23 09:07:04 UTC (commit 436fd4ed4cf0038ddd382cb8649607ace163dda7)