[20039] in bugtraq


Re: ntpd =< 4.0.99k remote buffer overflow

daemon@ATHENA.MIT.EDU (Gary E. Miller)
Thu Apr 5 20:41:53 2001

MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-ID:  <Pine.LNX.4.32.0104041436490.591-100000@catbert.rellim.com>
Date:         Wed, 4 Apr 2001 14:38:13 -0700
Reply-To: "Gary E. Miller" <gem@RELLIM.COM>
From: "Gary E. Miller" <gem@RELLIM.COM>
X-To:         Przemyslaw Frasunek <venglin@FREEBSD.LUBLIN.PL>
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To:  <20010404222701.X91913@riget.scene.pl>

Yo All!

ftp.udel.edu lists ntp 4.0.99k as the newest available.

Any patches yet?

Have the maintainers been notified?

RGDS
GARY
---------------------------------------------------------------------------
Gary E. Miller Rellim 20340 Empire Ave, Suite E-3, Bend, OR 97701
	gem@rellim.com  Tel:+1(541)382-8588 Fax: +1(541)382-8676

On Wed, 4 Apr 2001, Przemyslaw Frasunek wrote:

> /*
>  * Network Time Protocol Daemon (ntpd) shipped with many systems is vulnerable
>  * to remote buffer overflow attack. It occurs when building response for
>  * a query with large readvar argument. In almost all cases, ntpd is running
>  * with superuser privileges, allowing to gain REMOTE ROOT ACCESS to timeserver.
