Denial of Service Vulnerability in SNTP's ULOGTOD Function

Denial of Service Vulnerability in SNTP's ULOGTOD Function

CVE-2015-5219 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:N/I:N/A:H

The ULOGTOD function in ntp.d in SNTP before 4.2.7p366 does not properly perform type conversions from a precision value to a double, which allows remote attackers to cause a denial of service (infinite loop) via a crafted NTP packet.

Learn more about our Web Application Penetration Testing UK.