ntp -- Crafted null dereference attack from a trusted source with an authenticated mode 6 packet
Network Time Foundation reports:
A crafted malicious authenticated mode 6 (ntpq) packet from a
permitted network address can trigger a NULL pointer dereference,
Note that for this attack to work, the sending
system must be on an address that the target's ntpd accepts mode 6
packets from, and must use a private key that is specifically
listed as being used for mode 6 authorization.
Impact: The ntpd daemon can crash due to the NULL pointer
dereference, causing a denial of service.
- Use restrict noquery to limit addresses that can send mode 6
- Limit access to the private controlkey in ntp.keys.
- Upgrade to 4.2.8p13, or later.
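
An added example (not from the Network Time Foundation advisory or the ntp project): a small Python check for the first two mitigations above. It lists the restrict entries in an ntp.conf that carry neither noquery nor ignore, and so can still send mode 6 packets, and reports whether the keys file is accessible to group or others. The sample configuration and the function names are constructed for illustration.

```python
import os
import stat

# Flags that stop ntpd from answering mode 6 (ntpq) packets from a matched address.
BLOCKS_MODE6 = {"noquery", "ignore"}

# Constructed sample configuration (not taken from any real host).
SAMPLE_CONF = """\
# constructed example
keys /etc/ntp.keys
trustedkey 1 8
controlkey 8
restrict default kod nomodify notrap nopeer noquery
restrict -6 default kod nomodify notrap nopeer noquery
restrict 127.0.0.1
restrict 192.0.2.0 mask 255.255.255.0 nomodify notrap
restrict 198.51.100.7 ignore
"""

def audit_ntp_conf(text):
    """Return controlkey, keys file, and restrict targets that may send mode 6."""
    result = {"controlkey": None, "keys": None, "mode6_allowed": []}
    for raw in text.splitlines():
        words = raw.split("#", 1)[0].split()  # drop comments, tokenize
        if not words:
            continue
        if words[0] in ("controlkey", "keys") and len(words) > 1:
            result[words[0]] = words[1]
        elif words[0] == "restrict":
            args = [w for w in words[1:] if w not in ("-4", "-6")]
            if not args:
                continue
            target, flags = args[0], args[1:]
            if len(flags) >= 2 and flags[0] == "mask":
                target, flags = f"{target}/{flags[1]}", flags[2:]
            # No noquery/ignore flag: this entry still accepts mode 6 packets.
            if not BLOCKS_MODE6 & set(flags):
                result["mode6_allowed"].append(target)
    return result

def keys_file_exposed(path):
    """True if the keys file is readable or writable by group or others."""
    return bool(stat.S_IMODE(os.stat(path).st_mode) & 0o077)

if __name__ == "__main__":
    print(audit_ntp_conf(SAMPLE_CONF))
```

Addresses that match no specific restrict entry fall under the default entry, so review that line first.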
Copyright © 2003-2005 Jacques Vidrine and contributors.
Please see the source of this document for full copyright