Vulnerability identifier: #VU7386
Vulnerability risk: Low
Exploitation vector: Network
Exploit availability: No
The vulnerability allows a remote authenticated attacker to cause DoS condition.
The weakness exists due to multiple buffer overflows in the ctl_put() functions in NTP. A remote attacker can an overly long string argument, trigger memory corruption and cause the application to crash.
Successful exploitation of the vulnerability results in denial of service.
Install update from vendor's website.
Vulnerable software versions
IBM AIX: 5.3, 6.1, 7.1, 7.2
Can this vulnerability be exploited remotely?
Yes. This vulnerability can be exploited by a remote authenticated user via the Internet.
Is there known malware, which exploits this vulnerability?
No. We are not aware of malware exploiting this vulnerability.