NeXpose Vulnerability Database


< Previous
Next >


Cisco IOS NTP Buffer Overflow

SeveritySeverity CVSSCVSS PublishedPublished AddedAdded ModifiedModified
Critical (10) 10.0 (AV:N/AC:L/Au:N/C:C/I:C/A:C) Jun 18, 2001 Nov 1, 2004 Mar 17, 2009

Description:

By sending a carefully crafted NTP packet, it is possible to force the NTP daemon to overflow an internal buffer. Successful exploitation of this overflow will result in remote code execution.

Consult the official Cisco advisory for more information.

References:

Solution:

Upgrade to the latest version of Cisco IOS

Download and apply the upgrade from: http://www.cisco.com/univercd/cc/td/doc/product/software/

Upgrade to the latest version of Cisco IOS that your hardware supports. Upgrading IOS is often complicated by the fact that at any given time, Cisco is working on several different release trains simultaneously. Furthermore, upgrading to the latest version of IOS is not always possible without upgrading the router hardware (for example, adding memory). Consult Cisco's IOS support pages for more information the latest IOS releases. Please refer to http://www.cisco.com/warp/public/620/1.html for an explanation of the Cisco IOS versioning scheme.

It is possible to obtain custom-built IOS images via a Cisco support contract. The recommended method for obtaining updated IOS images is to record the results of the "show version" command on the router, and then to obtain a complete list of required fixes and bring this information to your Cisco support representative. Note that security fixes are not necessarily included in the latest releases -- you should specifically ask that the fixes be included in your image. Depending on your configuration, it may take several days to obtain an updated release that works for your hardware.

As of March 2009, the latest supported IOS release is Cisco IOS 12.4, with the latest "T" family release being 12.4(24)T.



Information on these pages is summary information extracted from the NeXpose Vulnerabilty Assessment system. Full details are provided within the NeXpose product for licensed users.