Berkeley Software Design, Inc. Information for VU#970472
Network Time Protocol ([x]ntpd) daemon contains buffer overflow in ntp_control:ctl_getitem() function
The version of ntp shipped with BSD/OS is vulnerable to this problem
so sites which have configured ntpd should update to the patched version
available from BSDI's web, ftp or patches servers.
The vendor has not provided us with any further information regarding this vulnerability.
The CERT/CC has no additional comments at this time.
If you have feedback, comments, or additional information about this vulnerability, please send us email.