University of Delaware Information for VU#970472
Network Time Protocol ([x]ntpd) daemon contains buffer overflow in ntp_control:ctl_getitem() function
The patch I sent out applies to the NTPv4 99k distribution which for
safety I fetched directly from its public place. For record:
--- ntp_control.c.1 Thu Apr 5 21:41:56 2001
+++ ntp_control.c Thu Apr 5 21:43:02 2001
@@ -1824,6 +1824,8 @@
while (cp < reqend && *cp !=
*tp++ = *cp++;
+ if (tp >= buf + sizeof(buf))
+ return (0);
if (cp < reqend)
*tp = '\0';
Not fancy; it's been a long day.
The vendor has not provided us with any further information regarding this vulnerability.
Target CVS repository:
Target patched version:
If you have feedback, comments, or additional information about this vulnerability, please send us email.