Update Protection against Multiple Vendors NTP Daemon Autokey Stack Buffer Overflow Vulnerability
| Check Point Reference: | CPAI-2009-134 | |
| Date Published: | ||
| Severity: | ||
| Source: | Secunia Advisory: SA35130 | |
| Industry Reference(s): | CVE-2009-1252 | |
| Protection Provided by: |
Security Gateway
|
|
| Who is Vulnerable? Network Time Protocol Project. NTP prior to 4.2.4p7 | ||
| Vulnerability Description A buffer overflow vulnerability has been reported in the ntpd (NTP daemon). The ntpd daemon implements the Network Time Protocol (NTP) which sets and maintains the system time-of-day in synchronism with Internet standard time servers. A remote attacker may exploit this issue to crash the service and execute arbitrary code. |
||
|
Update/Patch Available Update to version 4.2.4p7: NTP Software Downloads |
|
|
Vulnerability Details The vulnerability is due to a boundary error in the ntpd when processing crafted packets sent to the daemon. A remote attacker may exploit this flaw to execute arbitrary code via specially crafted packet. Successful exploitation will terminate the affected service and may allow execution of arbitrary code on the vulnerable system. |
Protection Overview
This protection will detect and block malformed packets sent to the NTP daemon.
In order for the protection to be activated, update your Security Gateway product to the latest IPS update. For information on how to update IPS, go to SBP-2006-05, Protection tab and select the version of your choice.
To configure the defense, select your product from the list below and follow the related protection steps.