NTP BUG 3505: NTPQ/NTPDC: Buffer Overflow in openhost()
Last update: June 27, 2022 20:45 UTC (51d68a4aa)
openhost() function used by
ntpdc is vulnerable to a buffer overflow. This means that if one is able to provide
ntpdc with an excessively large hostname on the command line or a carefully-crafted byte stream,
ntpdc will suffer from the usual stack overflow problems.
Upgrade to 4.2.8p12 or later.
Reported by Fakhri Zulkifli.