|
| Description: | | Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function. |
|
| Impact: | | A buffer overflow vulnerability can be triggered by an attacker in the context of the vulnerable product. Further attacks include arbitrary code execution and denial of service. |
|
| Affected OS: | | Windows, Solaris, Other Unix, FreeBSD, Linux |
|
| Reference: | | SecurityFocusBID:71761
|
|