Back to search
CVE-2015-5300
Published: Jul 21, 2017
Modified: Aug 6, 2024
PUBLISHED
Description
The panic_gate check in NTP before 4.2.8p5 is only re-enabled after the first change to the system clock that was greater than 128 milliseconds by default, which allows remote attackers to set NTP to an arbitrary time when started with the -g option, or to alter the time by up to 900 seconds otherwise by responding to an unspecified number of requests from trusted sources, and leveraging a resulting denial of service (abort and restart).
| Vendor | Product | Versions |
|---|---|---|
n/a | n/a | affected n/a |
References
RHSA-2015:1930
vendor-advisory
x_refsource_REDHAT
SUSE-SU:2016:1912
vendor-advisory
x_refsource_SUSE
[slackware-security] 20160223 ntp (SSA:2016-054-04)
mailing-list
x_refsource_MLIST
openSUSE-SU:2016:1423
vendor-advisory
x_refsource_SUSE
http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html
x_refsource_CONFIRM
USN-2783-1
vendor-advisory
x_refsource_UBUNTU
SUSE-SU:2016:1177
vendor-advisory
x_refsource_SUSE
https://ics-cert.us-cert.gov/advisories/ICSA-15-356-01
x_refsource_MISC
https://bugzilla.redhat.com/show_bug.cgi?id=1271076
x_refsource_CONFIRM
https://www-01.ibm.com/support/docview.wss?uid=swg21980676
x_refsource_CONFIRM
https://support.citrix.com/article/CTX220112
x_refsource_CONFIRM
FEDORA-2015-77bfbc1bcd
vendor-advisory
x_refsource_FEDORA
https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099428
x_refsource_CONFIRM
FEDORA-2015-f5f5ec7b6b
vendor-advisory
x_refsource_FEDORA
DSA-3388
vendor-advisory
x_refsource_DEBIAN
http://aix.software.ibm.com/aix/efixes/security/ntp_advisory5.asc
x_refsource_CONFIRM
https://www.cs.bu.edu/~goldbe/NTPattack.html
x_refsource_MISC
SUSE-SU:2016:2094
vendor-advisory
x_refsource_SUSE
FEDORA-2016-34bc10a2c8
vendor-advisory
x_refsource_FEDORA
1034670
vdb-entry
x_refsource_SECTRACK
https://www-01.ibm.com/support/docview.wss?uid=isg3T1024073
x_refsource_CONFIRM
77312
vdb-entry
x_refsource_BID
SUSE-SU:2016:1311
vendor-advisory
x_refsource_SUSE
FreeBSD-SA-16:02
vendor-advisory
x_refsource_FREEBSD
https://www-01.ibm.com/support/docview.wss?uid=swg21979393
x_refsource_CONFIRM
openSUSE-SU:2016:1292
vendor-advisory
x_refsource_SUSE
https://www-01.ibm.com/support/docview.wss?uid=nas8N1021264
x_refsource_CONFIRM
SUSE-SU:2016:1247
vendor-advisory
x_refsource_SUSE
https://www-01.ibm.com/support/docview.wss?uid=isg3T1023885
x_refsource_CONFIRM
https://bto.bluecoat.com/security-advisory/sa113
x_refsource_CONFIRM
https://www-01.ibm.com/support/docview.wss?uid=swg21983501
x_refsource_CONFIRM
https://www-01.ibm.com/support/docview.wss?uid=ssg1S1005821
x_refsource_CONFIRM
http://support.ntp.org/bin/view/Main/NtpBug2956
x_refsource_CONFIRM
https://www-01.ibm.com/support/docview.wss?uid=swg21983506
x_refsource_CONFIRM
SUSE-SU:2016:1175
vendor-advisory
x_refsource_SUSE
https://security.netapp.com/advisory/ntap-20171004-0001/
x_refsource_CONFIRM
Security Training
Train your team to recognize and prevent security threats with our comprehensive security awareness program.
Start TrainingVulnerability Scanning
Discover vulnerabilities in your applications and infrastructure before attackers do.
Scan Now