[ntp:security] recent Stack Overflow vulnerability posted
juergen perlinger
juergen.perlinger at t-online.de
Sat Dec 10 09:19:28 UTC 2016
On 12/09/2016 10:07 PM, Brian Martin wrote:
>
> NTP Security,
>
> Recently, a vulnerability was posted about ntpd [1] and shortly after,
> someone else appears to have verified the same issue [2]. However,
> something about these reports seems off to several of us and we were
> wondering if you were aware of them, and if so, have you validated the
> finding?
>
> Thank you,
>
> Brian Martin
> OSF / CVE Board
>
>
> [1]
> https://packetstormsecurity.com/files/139900/Linux-ntpd-4.2.8-derive_nonce-Stack-Overflow.html
>
> [2]
> https://packetstormsecurity.com/files/139962/ntpd-4.2.8-Stack-Overflow-Proof-Of-Concept.html
>
I have checked both POCs, and I am *not* able to assert these as a valid
attack on NTPv4.2.8p9.
I also checked the original NTPv4.2.8 release. Still no hit, with either
of the POCs.
The symptoms are slightly different (in one case it's an unknown key ID,
in the other a malformed argument list) but there is no problem with the
continued operation of NTPD, as far as I can tell.
Best regards,
J. Perlinger
More information about the security
mailing list