Berkeley Software Design, Inc. Information for VU#970472
Network Time Protocol ([x]ntpd) daemon contains buffer overflow in ntp_control:ctl_getitem() function
- Vendor Information Help Date Notified:
- Statement Date:
- Date Updated: 10 Apr 2001
The version of ntp shipped with BSD/OS is vulnerable to this problem
so sites which have configured ntpd should update to the patched version
available from BSDI's web, ftp or patches servers.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.