NTP users are strongly urged to take immediate action to ensure that their NTP daemons are not susceptible to being used in distributed denial-of-service (DDoS) attacks. Please also take this opportunity to defeat denial-of-service attacks by implementing Ingress and Egress filtering through BCP38.

ntp-4.2.8p18 was released on 25 May 2024 and addresses 40 bugs and provides 40 improvements.

Please see the NTP 4.2.8p18 Changelog for details.

Bug 2668 - Buffer overflow in ctl_putdata()
Summary: Buffer overflow in ctl_putdata()
Status: RESOLVED FIXED
Alias: None
Product: ntp
Classification: Unclassified
Component: ntpd (show other bugs)
Version: 4.2.6
Hardware: N/A All
: P1 critical
Assignee: Harlan Stenn
URL:
Depends on:
Blocks: 2655
  Show dependency tree
 
Reported: 2014-11-03 00:31 UTC by Harlan Stenn
Modified: 2022-02-11 09:32 UTC (History)
5 users (show)

See Also:
stenn: blocking4.2.6+
stenn: blocking4.2.8+


Attachments
patch for the ctl_putdata issue (1.18 KB, patch)
2014-11-24 15:13 UTC, Stephen Röttger
no flags Details | Diff

Note You need to log in before you can comment on or make changes to this bug.
Description Harlan Stenn 2014-11-03 00:31:06 UTC
+++ This bug was initially created as a clone of Bug #2655 +++

4) ntpd/ntp_control.c:1027 <ctl_putdata> (buffer overflow, needs privileges)
 fix: check if dlen is greater than the buffer and either break it up or
bail out
Comment 1 Stephen Röttger 2014-11-24 15:13:45 UTC
Created attachment 1158 [details]
patch for the ctl_putdata issue

this patch will split the data into multiple packets and send them individually
Comment 2 Harlan Stenn 2014-12-12 11:14:33 UTC
Fixed in my ntp-dev-sec/ subdir.
Comment 3 Harlan Stenn 2014-12-20 06:06:29 UTC
Fixed in 4.2.8.