NTP BUG 2939: reslist NULL pointer dereference

Last update: February 15, 2022 20:59 UTC (43fbd379b)


Summary

Resolved 4.2.8p6 19 Jan 2016
References Bug 2939 CVE-2015-7977
Affects All ntp-4 releases up to, but not including 4.2.8p6,
and 4.3.0 up to, but not including 4.3.90.
Resolved in 4.2.8p6.
CVSS2 Score 4.3 AV:N/AC:M/Au:N/C:N/I:N/A:P

Description

An unauthenticated ntpdc reslist command can cause a segmentation fault in ntpd by causing a NULL pointer dereference.


Mitigation


Credit

This weakness was discovered by Stephen Gray of Cisco ASIG.


Timeline