Date: 4 Apr 2001 20:34:35 -0000 From: venglin@freebsd.lublin.pl To: FreeBSD-gnats-submit@freebsd.org Subject: bin/26358: [SECURITY] ntpd(8) is vulnerable to remote buffer overflow Message-ID: <20010404203435.6899.qmail@riget.scene.pl>
next in thread | raw e-mail | index | archive | help
>Number: 26358 >Category: bin >Synopsis: [SECURITY] ntpd(8) is vulnerable to remote buffer overflow >Confidential: no >Severity: serious >Priority: high >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Apr 04 13:40:00 PDT 2001 >Closed-Date: >Last-Modified: >Originator: Przemyslaw Frasunek >Release: FreeBSD 4.2-STABLE i386 >Organization: czuby.net >Environment: ntpd shipped with FreeBSD 4.2-STABLE. >Description: There is a remote exploitable buffer overflow, allowing to gain root privileges in all versions of ntpd (Network Time Protocol Daemon). Overflow occurs, when daemon builds response for malicious packet. >How-To-Repeat: Proof of concept code: http://www.frasunek.com/sources/security/ntpdx.c >Fix: Unknown. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20010404203435.6899.qmail>