| VID |
12040 |
| Severity |
40 |
| Port |
123 |
| Protocol |
UDP |
| Class |
NTPD |
| Detailed Description |
Network Time Protocol Daemon (ntpd) versions 4.0.99k and earlier included with many operating systems are vulnerable to remote buffer overflow attack. It occurs when building response for a query with large readvar argument. In almost all cases, ntpd daemon is running with superuser privileges, allowing to gain REMOTE ROOT ACCESS to timeserver. |
| Recommendation |
Disable this service if you do not use it, or upgrade.
For Debian 2.2 potato:
Upgrade to the latest version of ntp (4.0.99g-2potato1 or later), as listed in Debian Security Advisory DSA-045-1. (http://www.securityfocus.com/archive/1/174354)
For NetBSD 1.4 and 1.5:
Apply the appropriate patch for your system, as listed in NetBSD Security Advisory 2001-004. See References. (http://www.securityfocus.com/archive/1/174411)
For other distributions:
Contact your vendor for upgrade or patch information. |
| Related URL |
CVE-2001-0414 (CVE) |
| Related URL |
2540 (SecurityFocus) |
| Related URL |
6321 (ISS) |
|
