NTP Stack Buffer Overflow Vulnerability Network Vulnerability

Summary

This host has NTP installed and is prone to stack buffer overflow vulnerabilities.

Impact

Successful exploitation will allow attackers to execute arbitrary code or to cause the application to crash. Impact Level: Application.

Solution

Upgrade to NTP version 4.2.4p7-RC2 http://www.ntp.org/downloads.html

Insight

The flaw is due to a boundary error within the cookedprint() function in ntpq/ntpq.c while processing malicious response from a specially crafted remote time server.

Affected

NTP versions prior to 4.2.4p7-RC2 on Linux.

References

http://secunia.com/advisories/34608
http://www.vupen.com/english/advisories/2009/0999
http://xforce.iss.net/xforce/xfdb/49838

Updated on 2015-03-25

Severity

Classification

CVE CVE-2009-0159

CVSS	Base Score: 6.8 AV:N/AC:M/Au:N/C:P/I:P/A:P

Related Vulnerabilities

INN buffer overflow
VLC Media Player '.RM' File BOF Vulnerability (Linux)
VLC Media Player Stack Overflow Vulnerability (Lin-Mar09)
VLC Media Player USF and Text Subtitles Decoders BOF Vulnerabilities (Linux)
SquidGuard Multiple Buffer Overflow Vulnerabilities

Take action and discover your vulnerabilities