FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

ntp -- denial of service vulnerability

Affected packages
ntp < 4.2.8p5
ntp-devel < 4.3.78
10.2 <= FreeBSD < 10.2_9
10.1 <= FreeBSD < 10.1_26
9.3 <= FreeBSD < 9.3_33

Details

VuXML ID 4eae4f46-b5ce-11e5-8a2b-d050996490d0
Discovery 2015-10-21
Entry 2016-01-08
Modified 2016-08-09

Network Time Foundation reports:

NTF's NTP Project has been notified of the following 1 medium-severity vulnerability that is fixed in ntp-4.2.8p5, released on Thursday, 7 January 2016:

NtpBug2956: Small-step/Big-step CVE-2015-5300

References

CVE Name CVE-2015-5300
FreeBSD Advisory SA-16:02.ntp
URL http://support.ntp.org/bin/view/Main/NtpBug2956
URL http://support.ntp.org/bin/view/Main/SecurityNotice#January_2016_NTP_4_2_8p5_Securit
URL https://www.cs.bu.edu/~goldbe/NTPattack.html