NTP BUG 3505: NTPQ/NTPDC: Buffer Overflow in openhost()
Last update: June 27, 2022 20:45 UTC (51d68a4aa)
Summary
Description
The openhost()
function used by ntpq
and ntpdc
is vulnerable to a buffer overflow. This means that if one is able to provide ntpq
or ntpdc
with an excessively large hostname on the command line or a carefully-crafted byte stream, ntpq
or ntpdc
will suffer from the usual stack overflow problems.
Mitigation
Upgrade to 4.2.8p12 or later.
Credit
Reported by Fakhri Zulkifli.
Timeline