Network Time Protocol Multiple Stack Based Buffer Overflow Vulnerabilities
危険度: 高
CVE識別番号: CVE-2014-9295
概要
Multiple stack-based buffer overflows in ntpd in NTP before 4.2.8 allow remote attackers to execute arbitrary code via a crafted packet, related to (1) the crypto_recv function when the Autokey Authentication feature is used, (2) the ctl_putdata function, and (3) the configure function.
トレンドマイクロの対策
Apply associated Trend Micro DPI Rules.
対応方法
Trend Micro Deep Security DPI Rule Number: 1006435
Trend Micro Deep Security DPI Rule Name: 1006435 - Network Time Protocol configure() Stack Based Buffer Overflow Vulnerability
影響を受けるソフトウェア
- ntp ntp 4.2.7