NTP BUG 3505: NTPQ/NTPDC: Buffer Overflow in openhost()
Last update: April 22, 2024 18:49 UTC (7e7bd5857)
Summary
Description
The openhost()
function used by ntpq
and ntpdc
is vulnerable to a buffer overflow. This means that if one is able to provide ntpq
or ntpdc
with an excessively large hostname on the command line or a carefully-crafted byte stream, ntpq
or ntpdc
will suffer from the usual stack overflow problems.
Mitigation
Upgrade to 4.2.8p12 or later.
Credit
Reported by Fakhri Zulkifli.
Timeline