Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
CVSS 2.0
Severity: HIGH
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| dave_mills | ntpd | * |
| dave_mills | xntp3 | 5.93d |
| dave_mills | ntpd | 4.0.99 |
| dave_mills | ntpd | 4.0.99g |
| dave_mills | ntpd | 4.0.99f |
| dave_mills | ntpd | 4.0.99j |
| dave_mills | ntpd | 4.0.99d |
| dave_mills | ntpd | 4.0.99i |
| dave_mills | ntpd | 4.0.99h |
| dave_mills | ntpd | 4.0.99a |
| dave_mills | ntpd | 4.0.99b |
| dave_mills | xntp3 | 5.93e |
| dave_mills | xntp3 | 5.93 |
| dave_mills | ntpd | 4.0.99c |
| dave_mills | xntp3 | 5.93c |
| dave_mills | ntpd | 4.0.99e |
| dave_mills | xntp3 | 5.93b |
| dave_mills | xntp3 | 5.93a |
The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.
CVSS 2.0
Severity: MEDIUM
Problem Type: NVD-CWE-Other,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| dave_mills | ntpd | * |