This host has NTP installed and is prone to stack buffer overflow vulnerabilities.
Successful exploitation will allow attackers to execute arbitrary code or to cause the application to crash. Impact Level: Application.
Upgrade to NTP version 4.2.4p7-RC2 http://www.ntp.org/downloads.html
The flaw is due to a boundary error within the cookedprint() function in ntpq/ntpq.c while processing malicious response from a specially crafted remote time server.
NTP versions prior to 4.2.4p7-RC2 on Linux.
- Novell File Reporter 'SRS' Tag Arbitrary File Deletion Vulnerability
- Novell Groupwise Client ActiveX Control Buffer Overflow Vulnerability
- IpTools Tiny TCP/IP Servers Remote Buffer Overflow Vulnerability
- BigAnt IM Server 'USV' Request Buffer Overflow Vulnerability
- ScriptFTP 'GETLIST' or 'GETFILE' Commands Remote Buffer Overflow Vulnerability