Network Time Protocol daemon (ntpd) Multiple Vulnerabilities

Last Update Date: 22 Dec 2014 10:45 Release Date: 22 Dec 2014 4213 Views

RISK: Medium Risk

Medium Risk

TYPE: Servers - Other Servers

TYPE: Other Servers

The buffer overflow vulnerabilities were identified in ntpd, which may allow a remote unauthenticated attacker to execute arbitrary malicious code with the privilege level of the ntpd process. The weak default key and non-cryptographic random number generator in ntp-keygen may allow an attacker to gain information regarding the integrity checking and authentication encryption schemes.

Impact

  • Denial of Service
  • Elevation of Privilege
  • Remote Code Execution
  • Information Disclosure

System / Technologies affected

  • Versions prior to 4.2.8

Solutions

Before installation of the software, please visit the software manufacturer web-site for more details.
  • Update to version 4.2.8

Vulnerability Identifier

Source

Related Link

Share with

Previous

WordPress Download Manager Security Bypass Vulnerability

19 Dec 2014 3916 Views

Next

"Misfortune Cookie" Vulnerability on Multiple Broadband Routers

22 Dec 2014 3955 Views

We use cookies to give you the best possible experience on our website. By continuing to browse this site, you give consent for cookies to be used. For more details please read our Cookie Policy.

PRIVACY POLICY