Raspbian

ntpd needs updating.

Bug #1576993 reported by Timothy Williams
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
Raspbian
Invalid
Undecided
Unassigned

Bug Description

I have my raspberry pi fully updated. The current ntpd version is 4.2.6p5. I have read that version prior to Version 4.2.8 are vulnerable to remote code execution trigged by a buffer overflow. I currently have not tested the public exploit to see if it crashes the process due to invalid offset however i do think the package would be vulnerable. Sample code: http://downloads.securityfocus.com/vulnerabilities/exploits/ntpd-exp.c

CVE References

Revision history for this message
peter green (plugwash) wrote :

Do you have a link to a CVE or similar for this vulnerability?

Revision history for this message
Timothy Williams (o-tim-3) wrote :

After some more research the report i seen was inaccurate linking a exploit code that affected a version that was irrelevant however it stated that versions prior to 4.2.8 were vulnerable to a buffer overflow which looks to be correct.

https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2014-9295

http://googleprojectzero.blogspot.com.au/2015/01/finding-and-exploiting-ntpd.html

Revision history for this message
peter green (plugwash) wrote :

Looking at the changelogs it seems debian fixed the bug you linked in versions 1:4.2.6.p5+dfsg-3.2 and 1:4.2.6.p5+dfsg-2+deb7u1

http://metadata.ftp-master.debian.org/changelogs//main/n/ntp/ntp_4.2.6.p5+dfsg-7+deb8u1_changelog

information type: Private Security → Public Security
Changed in raspbian:
status: New → Invalid
Revision history for this message
peter green (plugwash) wrote :

http://metadata.ftp-master.debian.org/changelogs//main/n/ntp/ntp_4.2.6.p5+dfsg-7+deb8u1_changelog

To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.