University of Delaware Information for VU#970472

Network Time Protocol ([x]ntpd) daemon contains buffer overflow in ntp_control:ctl_getitem() function



Vendor Statement

The patch I sent out applies to the NTPv4 99k distribution which for
safety I fetched directly from its public place. For record:

--- ntp_control.c.1 Thu Apr  5 21:41:56 2001
+++ ntp_control.c Thu Apr  5 21:43:02 2001
@@ -1824,6 +1824,8 @@
while (cp < reqend && *cp !=
*tp++ = *cp++;
+ if (tp >= buf + sizeof(buf))
+ return (0);
if (cp < reqend)
*tp = '\0';

Not fancy; it's been a long day.

Vendor Information

The vendor has not provided us with any further information regarding this vulnerability.

Vendor References



Target CVS repository:

Target patched version:

If you have feedback, comments, or additional information about this vulnerability, please send us email.