Denial of Service Vulnerability in ntpd with Remote Configuration Enabled

Denial of Service Vulnerability in ntpd with Remote Configuration Enabled

CVE-2015-5146 · LOW Severity

AV:N/AC:M/AU:S/C:N/I:N/A:P

ntpd in ntp before 4.2.8p3 with remote configuration enabled allows remote authenticated users with knowledge of the configuration password and access to a computer entrusted to perform remote configuration to cause a denial of service (service crash) via a NULL byte in a crafted configuration directive packet.

Learn more about our User Device Pen Test.