NTP Vulnerabilities
Created 4/11/01
CVE 2001-0414
Impact
If this vulnerability is present, a remote attacker could
gain root access to an affected system.
Background
The Network Time Protocol (NTP)
is used to synchronize a computer's system clock with that
of a time server. The NTP daemon (ntpd)
processes NTP queries from clients. ntpd is
often included in Unix and Linux operating system distributions.
The Problem
Due to a buffer overflow condition in ntpd,
it is possible for a remote attacker to execute arbitrary commands with
the same privileges as the ntpd process, which
is usually root. The buffer overflow occurs in the
processing of queries with a very long readvar
argument.
Versions of ntpd prior to and including
4.0.99k are affected by this vulnerability.
Resolution
To find out if your version of ntpd is
vulnerable, enter the command:
ntpq -c version
If the version is 4.0.99k or lower, then upgrade your
ntpd package to the latest version.
Where can I read more about this?
This vulnerability was reported in CIAC Bulletin L-071
and in security advisories from many vendors, including
NetBSD,
Red Hat,
Debian,
Caldera,
Sun, and
Cisco.
Note that this vulnerability could affect any system on
which ntpd is running, even if the vendor
is not listed above.