Rapid7 Vulnerability & Exploit Database

RHSA-2001:045: Network Time Daemon (ntpd) has potential remote root exploit

Back to Search

RHSA-2001:045: Network Time Daemon (ntpd) has potential remote root exploit

Severity
10
CVSS
(AV:N/AC:L/Au:N/C:C/I:C/A:C)
Published
06/18/2001
Created
07/25/2018
Added
10/28/2005
Modified
07/04/2017

Description

The Network Time Daemon (ntpd) supplied with all releases of Red Hat Linux is vulnerable to a buffer overflow, allowing a remote attacker to potentially gain root level access to a machine. All users of ntpd are strongly encouraged to upgrade.

The Network Time Daemon (xntpd on Red Hat Linux 6.2 and earlier, ntpd on Red Hat Linux 7.0) does not properly check the size of a buffer used to hold incoming data from the network. Potentially, an attacker could gain root access by exploiting this weakness. Potential damage is mitigated by the fact that the Network Time Daemon is not enabled by default. If you are not using network time services, it may not even be installed. As a general rule, Red Hat encourages users to enable only those network services they actually need.

Solution(s)

  • redhat-upgrade-ntp
  • redhat-upgrade-xntp3

With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.

– Scott Cheney, Manager of Information Security, Sierra View Medical Center

;