An issue exists in NTPsec prior to 1.1.3. An authenticated attacker can write one byte out of bounds in ntpd via a malformed config request, related to config_remotely in ntp_config.c, yyparse in ntp_parser.tab.c, and yyerror in ntp_parser.y.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
ntpsec ntpsec |