BSA-2017-296

Security Advisory ID : BSA-2017-296 Component : NTP Revision : 2.0: Interim Stack-based buffer overflow in thereslistfunction inntpqin NTP before 4.2.8p10 and 4.3.x before 4.3.94 allows remote servers have unspecified impact via a longflagstrvariable in a restriction list response. Affected...

Network Time Protocol Private Mode 'reslist' NULL Pointer Dereference Vulnerability

Summary An unauthenticated ntpdc reslist command can cause a segmentation fault in ntpd by causing a NULL pointer dereference. The following conditions must be met: 1. Mode 7 must be enabled. By default, mode 7 is disabled. 2. A large enough number of entries must exist in the restrict list to...