NTP BUG 1151: Remote exploit if autokey is enabled
Last update: February 11, 2022 20:40 UTC (b87954544)
|4 Mar 2009
10 Sep 2007
||All releases from 4.0.99m/4.1.70 (2001-08-15) through 4.2.4 before 4.2.4p7 and 4.2.5 before 4.2.5p74.
||Resolved in 4.2.4p and 4.2.5p74.
When Autokey Authentication is enabled (i.e. the
ntp.conf file contains a
crypto pw ... directive) a remote attacker can send a carefully crafted packet that can overflow a stack buffer and potentially allow malicious code to be executed with the privilege level of the
- Upgrade to 4.2.4p7 or 4.2.5p74, or later.
- Disable Autokey Authentication by removing, or commenting out, all configuration directives beginning with the
crypto keyword in your
This vulnerability was discovered by Chis Ries of CMU.