Bug 26358

Summary: [SECURITY] ntpd(8) is vulnerable to remote buffer overflow
Product: Base System Reporter: Przemyslaw Frasunek <venglin>
Component: binAssignee: freebsd-bugs (Nobody) <bugs>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 4.2-STABLE   
Hardware: Any   
OS: Any   

Description Przemyslaw Frasunek 2001-04-04 21:40:00 UTC 
	There is a remote exploitable buffer overflow, allowing to gain root
	privileges in all versions of ntpd (Network Time Protocol Daemon).
	Overflow occurs, when daemon builds response for malicious packet.

Fix: 

Unknown.
How-To-Repeat: 
	Proof of concept code: http://www.frasunek.com/sources/security/ntpdx.c
Comment 1 Poul-Henning Kamp freebsd_committer freebsd_triage 2001-04-05 00:07:30 UTC 
State Changed
From-To: open->closed

Fixed. 

A private notice to security-officer@freebsd.org would have been better.