Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

NTPD autokey vulnerability

Published: 2009-05-25
Last Updated: 2009-05-25 23:17:17 UTC
by Jim Clausing (Version: 1)
0 comment(s)

US Cert published VU#853097 the other day detailing an exploitable buffer overflow in the implementation of the autokey feature.  The folks at ntp.org have released version 4.2.4p7 to correct it, download here.  The announcement can be seen here.

Keywords: autokey NTP
0 comment(s)
Diary Archives