MidnightBSD

Advisories for dave_mills

CVE-2001-0414 HIGH

Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.

CVSS 2.0

Severity: HIGH

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
dave_mills ntpd *
dave_mills xntp3 5.93d
dave_mills ntpd 4.0.99
dave_mills ntpd 4.0.99g
dave_mills ntpd 4.0.99f
dave_mills ntpd 4.0.99j
dave_mills ntpd 4.0.99d
dave_mills ntpd 4.0.99i
dave_mills ntpd 4.0.99h
dave_mills ntpd 4.0.99a
dave_mills ntpd 4.0.99b
dave_mills xntp3 5.93e
dave_mills xntp3 5.93
dave_mills ntpd 4.0.99c
dave_mills xntp3 5.93c
dave_mills ntpd 4.0.99e
dave_mills xntp3 5.93b
dave_mills xntp3 5.93a
CVE-2005-2496 MEDIUM

The xntpd ntp (ntpd) daemon before 4.2.0b, when run with the -u option and using a string to specify the group, uses the group ID of the user instead of the group, which causes xntpd to run with different privileges than intended.

CVSS 2.0

Severity: MEDIUM

Problem Type: NVD-CWE-Other,

Products Affected

Vendor Product Version
dave_mills ntpd *