This host is running NTP Daemon and is prone to stack overflow vulnerability.
Successful exploitation will let the attacker craft a specially malicious NTP request packet which can crash ntp daemon or can cause arbitrary code execution in the affected machine with local user's privilege. Impact level: Application.
Apply the security update according to the OS version. https://admin.fedoraproject.org/updates/search/ntp
This flaw is due to configuration error in ntp daemon's NTPv4 authentication code. If ntp daemon is configured to use Public Key Cryptography for NTP Packet authentication which lets the attacker send crafted NTP requests.
NTP version prior to 4.2.4p7 NTP version 4.2.5 to 4.2.5p73
- Monkey HTTPD Host Header Buffer Overflow Vulnerability
- Ziproxy PNG Image Processing Buffer Overflow Vulnerability
- Simple Web Server Connection Header Buffer Overflow Vulnerability
- Groovy Media Player '.m3u' File Remote Stack Buffer Overflow Vulnerability
- ScriptFTP 'GETLIST' or 'GETFILE' Commands Remote Buffer Overflow Vulnerability