[ntp:security] recent Stack Overflow vulnerability posted

juergen perlinger juergen.perlinger at t-online.de
Sat Dec 10 09:19:28 UTC 2016


On 12/09/2016 10:07 PM, Brian Martin wrote:
> 
> NTP Security,
> 
> Recently, a vulnerability was posted about ntpd [1] and shortly after,
> someone else appears to have verified the same issue [2]. However,
> something about these reports seems off to several of us and we were
> wondering if you were aware of them, and if so, have you validated the
> finding?
> 
> Thank you,
> 
> Brian Martin
> OSF / CVE Board
> 
> 
> [1]
> https://packetstormsecurity.com/files/139900/Linux-ntpd-4.2.8-derive_nonce-Stack-Overflow.html
> 
> [2]
> https://packetstormsecurity.com/files/139962/ntpd-4.2.8-Stack-Overflow-Proof-Of-Concept.html
> 
I have checked both POCs, and I am *not* able to assert these as a valid
attack on NTPv4.2.8p9.

I also checked the original NTPv4.2.8 release. Still no hit, with either
of the POCs.

The symptoms are slightly different (in one case it's an unknown key ID,
in the other a malformed argument list) but there is no problem with the
continued operation of NTPD, as far as I can tell.

Best regards,
 J. Perlinger





More information about the security mailing list