Main Vulnerability Database Exploits ID:6142 - Exploit for Stack out-of-bounds read in NTPsec - CVE-2019-6444

ID:6142 - Exploit for Stack out-of-bounds read in NTPsec - CVE-2019-6444

Published: June 17, 2021

Vulnerability identifier: #VU17183

Vulnerability risk: Low

CVE-ID: CVE-2019-6444

CWE-ID: CWE-125

Exploitation vector: Remote access

Vulnerable software:
NTPsec

Link to public exploit:

https://www.exploit-db.com/exploits/46176/

Vulnerability description

The vulnerability allows a remote authenticated attacker to perform a denial of service (DoS) attack.

The vulnerability exists due to attacker-controlled data is dereferenced by ntohl() in ntpd. A remote attacker can trigger stack-based buffer over-read in process_control() in ntp_control.c perform a denial of service attack.

Remediation

Update to version 1.1.3.

ID:6142 - Exploit for Stack out-of-bounds read in NTPsec - CVE-2019-6444

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human