Threat Level: green Handler on Duty: Guy Bruneau

SANS ISC: NTPD autokey vulnerability - SANS Internet Storm Center SANS ISC InfoSec Forums

Watch ISC TV. Great for NOCs, SOCs and Living Rooms: https://isctv.sans.edu

Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!
NTPD autokey vulnerability

US Cert published VU#853097 the other day detailing an exploitable buffer overflow in the implementation of the autokey feature.  The folks at ntp.org have released version 4.2.4p7 to correct it, download here.  The announcement can be seen here.

I will be teaching next: Reverse-Engineering Malware: Malware Analysis Tools and Techniques - SANS Cyber Defence Australia 2022

Jim

423 Posts
ISC Handler
May 25th 2009

Sign Up for Free or Log In to start participating in the conversation!