NVD Vulnerability Detail

CVE-2015-5219

Summary	The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.
Publication Date	July 21, 2017, 11:29 p.m.
Registration Date	Jan. 26, 2021, 2:52 p.m.
Last Update	Nov. 21, 2024, 11:32 a.m.

CVSS3.1 : HIGH
スコア	7.5
Vector	CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃に必要な特権レベル(PR)	不要
利用者の関与(UI)	不要
影響の想定範囲(S)	変更なし
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	高

CVSS2.0 : MEDIUM
Score	5.0
Vector	AV:N/AC:L/Au:N/C:N/I:N/A:P
攻撃元区分(AV)	ネットワーク
攻撃条件の複雑さ(AC)	低
攻撃前の認証要否(Au)	不要
機密性への影響(C)	なし
完全性への影響(I)	なし
可用性への影響(A)	低
Get all privileges.	いいえ
Get user privileges	いいえ
Get other privileges	いいえ
User operation required	いいえ

Affected software configurations

Configuration1	or higher	or less	more than	less than
cpe:2.3:o:fedoraproject:fedora:22:::::::*
cpe:2.3:o:fedoraproject:fedora:23:::::::*
cpe:2.3:o:fedoraproject:fedora:21:::::::*

Configuration2	or higher	or less	more than	less than
cpe:2.3:o:suse:manager_proxy:2.1:::::::*
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3::::::
cpe:2.3:o:suse:manager:2.1:::::::*
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2::::::
cpe:2.3:o:suse:linux_enterprise_server:11:sp3:::ltss:::*
cpe:2.3:o:suse:openstack_cloud:5:::::::*
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:::ltss:::*
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:::ltss:::*

Configuration3	or higher	or less	more than	less than
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*

Configuration4	or higher	or less	more than	less than
cpe:2.3:o:debian:debian_linux:8.0:::::::*
cpe:2.3:o:debian:debian_linux:7.0:::::::*

Configuration5	or higher	or less	more than	less than
cpe:2.3:o:canonical:ubuntu_linux:12.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:15.10:::::::*
cpe:2.3:o:canonical:ubuntu_linux:14.04::::lts:::
cpe:2.3:o:canonical:ubuntu_linux:15.04:::::::*

Configuration6		or higher	or less	more than	less than
cpe:2.3:a:ntp:ntp::p355::::::*			4.2.7

Configuration7	or higher	or less	more than	less than
cpe:2.3:o:novell:leap:42.2:::::::*
cpe:2.3:o:opensuse:leap:42.1:::::::*

Configuration8		or higher	or less	more than	less than
cpe:2.3:o:siemens:tim_4r-ie_firmware::::::::
execution environment
1	cpe:2.3:h:siemens:tim_4r-ie:-:::::::*

Configuration9		or higher	or less	more than	less than
cpe:2.3:o:siemens:tim_4r-id_dnp3_firmware::::::::
execution environment
1	cpe:2.3:h:siemens:tim_4r-id_dnp3:-:::::::*

Configuration10		or higher	or less	more than	less than
cpe:2.3:o:oracle:linux:6:-::::::

Related information, measures and tools

No	URL	タグ
1	http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc	Third Party Advisory
2	http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc	Third Party Advisory
3	http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=51786731Gr4-NOrTBC_a_uXO4wuGhg	Issue Tracking Patch Third Party Advisory
4	http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=51786731Gr4-NOrTBC_a_uXO4wuGhg	Issue Tracking Patch Third Party Advisory
5	http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html	Mailing List Third Party Advisory
6	http://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html	Mailing List Third Party Advisory
7	http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html	Mailing List Third Party Advisory
8	http://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html	Mailing List Third Party Advisory
9	http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html	Mailing List Third Party Advisory
10	http://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html	Mailing List Third Party Advisory
11	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html	Broken Link
12	http://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html	Broken Link
13	http://lists.opensuse.org/opensuse-updates/2016-12/msg00153.html	Broken Link
14	http://lists.opensuse.org/opensuse-updates/2016-12/msg00153.html	Broken Link
15	http://rhn.redhat.com/errata/RHSA-2016-0780.html	Third Party Advisory
16	http://rhn.redhat.com/errata/RHSA-2016-0780.html	Third Party Advisory
17	http://rhn.redhat.com/errata/RHSA-2016-2583.html	Third Party Advisory
18	http://rhn.redhat.com/errata/RHSA-2016-2583.html	Third Party Advisory
19	http://www.debian.org/security/2015/dsa-3388	Third Party Advisory
20	http://www.debian.org/security/2015/dsa-3388	Third Party Advisory
21	http://www.openwall.com/lists/oss-security/2015/08/25/3	Mailing List Patch Third Party Advisory
22	http://www.openwall.com/lists/oss-security/2015/08/25/3	Mailing List Patch Third Party Advisory
23	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html	Third Party Advisory
24	http://www.oracle.com/technetwork/topics/security/linuxbulletinapr2016-2952096.html	Third Party Advisory
25	http://www.securityfocus.com/bid/76473	Third Party Advisory VDB Entry
26	http://www.securityfocus.com/bid/76473	Third Party Advisory VDB Entry
27	http://www.ubuntu.com/usn/USN-2783-1	Third Party Advisory
28	http://www.ubuntu.com/usn/USN-2783-1	Third Party Advisory
29	https://bugzilla.redhat.com/show_bug.cgi?id=1255118	Issue Tracking
30	https://bugzilla.redhat.com/show_bug.cgi?id=1255118	Issue Tracking
31	https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf	Third Party Advisory
32	https://cert-portal.siemens.com/productcert/pdf/ssa-497656.pdf	Third Party Advisory
33	https://github.com/ntp-project/ntp/commit/5f295cd05c3c136d39f5b3e500a2d781bdbb59c8	Issue Tracking Patch Third Party Advisory
34	https://github.com/ntp-project/ntp/commit/5f295cd05c3c136d39f5b3e500a2d781bdbb59c8	Issue Tracking Patch Third Party Advisory
35	https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11	Third Party Advisory US Government Resource
36	https://us-cert.cisa.gov/ics/advisories/icsa-21-103-11	Third Party Advisory US Government Resource
37	https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099409	Third Party Advisory
38	https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099409	Third Party Advisory
39	https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157	Third Party Advisory
40	https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157	Third Party Advisory
41	https://www-01.ibm.com/support/docview.wss?uid=swg21985122	Third Party Advisory
42	https://www-01.ibm.com/support/docview.wss?uid=swg21985122	Third Party Advisory
43	https://www-01.ibm.com/support/docview.wss?uid=swg21986956	Third Party Advisory
44	https://www-01.ibm.com/support/docview.wss?uid=swg21986956	Third Party Advisory
45	https://www-01.ibm.com/support/docview.wss?uid=swg21988706	Third Party Advisory
46	https://www-01.ibm.com/support/docview.wss?uid=swg21988706	Third Party Advisory
47	https://www-01.ibm.com/support/docview.wss?uid=swg21989542	Third Party Advisory
48	https://www-01.ibm.com/support/docview.wss?uid=swg21989542	Third Party Advisory

Common Vulnerabilities List

No	CWE	Name	URL
1	CWE-704	不正な型変換またはキャスト	https://cwe.mitre.org/data/definitions/704.html

JVN Vulnerability Information

SNTP の ntp.d の ULOGTOD 関数におけるサービス運用妨害 (DoS) の脆弱性

Title	SNTP の ntp.d の ULOGTOD 関数におけるサービス運用妨害 (DoS) の脆弱性
Summary	SNTP の ntp.d の ULOGTOD 関数は、精度値 (precision value) のダブル型への変換を適切に実行しないため、サービス運用妨害 (無限ループ) 状態にされる脆弱性が存在します。
Possible impacts	リモートの攻撃者により、巧妙に細工された NTP パケットを介して、サービス運用妨害 (無限ループ) 状態にされる可能性があります。
Solution	ベンダより正式な対策が公開されています。ベンダ情報を参照して適切な対策を実施してください。
Publication Date	Aug. 19, 2015, midnight
Registration Date	Aug. 15, 2017, 5:15 p.m.
Last Update	Aug. 15, 2017, 5:15 p.m.

Affected System

レッドハット

Red Hat Enterprise Linux Desktop

Red Hat Enterprise Linux HPC Node

Red Hat Enterprise Linux Server

Red Hat Enterprise Linux Workstation

NTP Project

NTP

Debian

Debian GNU/Linux

Fedora Project

Fedora

Canonical

Ubuntu

SUSE

SUSE Linux Enterprise Debuginfo

SUSE Linux Enterprise Server

SUSE Manager

SUSE Manager Proxy

SUSE OpenStack Cloud

openSUSE project

openSUSE Leap

CVE (情報セキュリティ共通脆弱性識別子)

No	Name	URL
Common Vulnerabilities and Exposures (CVE)
1	CVE-2015-5219	http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5219
National Vulnerability Database (NVD)
2	CVE-2015-5219	https://nvd.nist.gov/vuln/detail/CVE-2015-5219

CWE (共通脆弱性タイプ一覧)

No	Name	URL
JVNDB
1	CWE-704	https://cwe.mitre.org/data/definitions/704.html

ベンダー情報

No	Name	URL
Debian Security Advisory
1	DSA-3388	https://www.debian.org/security/2015/dsa-3388
Fedora Update Notification
2	FEDORA-2015-14212	https://lists.fedoraproject.org/pipermail/package-announce/2015-October/169167.html
3	FEDORA-2015-14213	https://lists.fedoraproject.org/pipermail/package-announce/2015-September/166992.html
4	FEDORA-2015-77bfbc1bcd	https://lists.fedoraproject.org/pipermail/package-announce/2015-November/170926.html
GitHub
5	[Bug 2382] Implement LOGTOD using ldexp() instead of shifting	https://github.com/ntp-project/ntp/commit/5f295cd05c3c136d39f5b3e500a2d781bdbb59c8
IBM SECURITY ADVISORY
6	Vulnerabilities in NTP affect AIX	http://aix.software.ibm.com/aix/efixes/security/ntp_advisory4.asc
IBM Support Document
7	1985122	https://www-01.ibm.com/support/docview.wss?uid=swg21985122
8	1986956	https://www-01.ibm.com/support/docview.wss?uid=swg21986956
9	1988706	https://www-01.ibm.com/support/docview.wss?uid=swg21988706
10	1989542	https://www-01.ibm.com/support/docview.wss?uid=swg21989542
11	MIGR-5099409	https://www.ibm.com/support/home/docdisplay?lndocid=migr-5099409
12	T1024157	https://www-01.ibm.com/support/docview.wss?uid=isg3T1024157
NTP Project
13	ntp-dev/1.2943 changes	http://bk1.ntp.org/ntp-dev/?PAGE=patch&REV=51786731Gr4-NOrTBC_a_uXO4wuGhg
opensuse-security-announce
14	SUSE-SU-2016:1311	https://lists.opensuse.org/opensuse-security-announce/2016-05/msg00048.html
opensuse-updates
15	openSUSE-SU-2016:3280	https://lists.opensuse.org/opensuse-updates/2016-12/msg00153.html
Red Hat Bugzilla
16	Bug 1255118	https://bugzilla.redhat.com/show_bug.cgi?id=1255118
Red Hat Security Advisory
17	RHSA-2016:0780	https://access.redhat.com/errata/RHSA-2016:0780
18	RHSA-2016:2583	https://access.redhat.com/errata/RHSA-2016:2583
Ubuntu Security Notice
19	USN-2783-1	https://usn.ubuntu.com/usn/USN-2783-1/

その他

No	Name	URL
JVN
1	JVNVU#96269392	https://jvn.jp/vu/JVNVU96269392/index.html

Change Log

No	Changed Details	Date of change
0	[2017年08月15日] 掲載	Feb. 17, 2018, 10:37 a.m.
2	[2021年06月16日] 参考情報：JVN (JVNVU#96269392) を追加	June 16, 2021, 2:07 p.m.

Configuration2	or higher	or less	more than	less than
cpe:2.3:o:suse:manager_proxy:2.1:::::::*
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp3::::::
cpe:2.3:o:suse:manager:2.1:::::::*
cpe:2.3:a:suse:linux_enterprise_debuginfo:11:sp2::::::
cpe:2.3:o:suse:linux_enterprise_server:11:sp3:::ltss:::*
cpe:2.3:o:suse:openstack_cloud:5:::::::*
cpe:2.3:o:suse:linux_enterprise_server:11:sp2:::ltss:::*
cpe:2.3:o:suse:linux_enterprise_server:10:sp4:::ltss:::*

Configuration3	or higher	or less	more than	less than
cpe:2.3:o:redhat:enterprise_linux_desktop:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_hpc_node:7.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_desktop:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_server:6.0:::::::*
cpe:2.3:o:redhat:enterprise_linux_workstation:6.0:::::::*