Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2001-0414

Overview

Vulnerability Score 10.0 10.0
CVE Id CVE-2001-0414
Last Modified 05 Sep 2008 04:24:02
Published 18 Jun 2001 12:00:00
Confidentiality Impact COMPLETE COMPLETE
Integrity Impact COMPLETE COMPLETE
Availability Impact COMPLETE COMPLETE
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2001-0414

Summary

Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.

Vulnerable Systems

Application

  • Dave Mills Ntpd 4.0.99

  • Dave Mills Ntpd 4.0.99a

  • Dave Mills Ntpd 4.0.99b

  • Dave Mills Ntpd 4.0.99c

  • Dave Mills Ntpd 4.0.99d

  • Dave Mills Ntpd 4.0.99e

  • Dave Mills Ntpd 4.0.99f

  • Dave Mills Ntpd 4.0.99g

  • Dave Mills Ntpd 4.0.99h

  • Dave Mills Ntpd 4.0.99i

  • Dave Mills Ntpd 4.0.99j

  • Dave Mills Ntpd 4.0.99k

  • Dave Mills Xntp3 5.93

  • Dave Mills Xntp3 5.93a

  • Dave Mills Xntp3 5.93b

  • Dave Mills Xntp3 5.93c

  • Dave Mills Xntp3 5.93d

  • Dave Mills Xntp3 5.93e


References

BID - 2540

MANDRAKE - MDKSA-2001:036

DEBIAN - DSA-045

XF - ntpd-remote-bo(6321)

REDHAT - RHSA-2001:045

OSVDB - 805

CALDERA - CSSA-2001-013

BUGTRAQ - 20010409 ntpd - new Debian 2.2 (potato) version is also vulnerable

BUGTRAQ - 20010409 PROGENY-SA-2001-02: ntpd remote buffer overflow

BUGTRAQ - 20010409 ntp-4.99k23.tar.gz is available

BUGTRAQ - 20010408 [slackware-security] buffer overflow fix for NTP

BUGTRAQ - 20010406 Immunix OS Security update for ntp and xntp3

BUGTRAQ - 20010405 Re: ntpd =< 4.0.99k remote buffer overflow]

BUGTRAQ - 20010404 ntpd =< 4.0.99k remote buffer overflow

SUSE - SuSE-SA:2001:10

CONECTIVA - CLA-2001:392

BUGTRAQ - 20010418 IBM MSS Outside Advisory Redistribution: IBM AIX: Buffer Overflow Vulnerability in (x)ntp

BUGTRAQ - 20010413 PROGENY-SA-2001-02A: [UPDATE] ntpd remote buffer overflow

BUGTRAQ - 20010409 [ESA-20010409-01] xntp buffer overflow

SCO - SSE074

SCO - SSE073

NETBSD - NetBSD-SA2001-004

FREEBSD - FreeBSD-SA-01:31


Last Updated: 27 May 2016 10:36:15