Date: Mon, 9 Apr 2001 12:39:32 -0400 (EDT)
From: security@guardiandigital.com
Subject: [ESA-20010409-01] xntp buffer overflow
+------------------------------------------------------------------------+
| EnGarde Secure Linux Security Advisory April 09, 2001 |
| http://www.engardelinux.org/ ESA-20010409-01 |
| |
| Package: xntp3 |
| Summary: There is a potentially exploitable buffer overflow in the |
| xntp3 package. |
+------------------------------------------------------------------------+
EnGarde Secure Linux is a secure distribution of Linux that features
improved access control, host and network intrusion detection, Web
based secure remote management, complete e-commerce using AllCommerce,
and integrated open source security tools.
OVERVIEW
- --------
There is a very small buffer overflow in NTP daemon which shipped with
EnGarde Secure Linux version 1.0.1.
DETAIL
- ------
The Network Time Protocol (NTP) is used to synchronize a computer's
time with another reference time source. The xntp3 package contains
utilities and daemons which will synchronize your computer's time to
Coordinated Universal Time (UTC) via the NTP protocol and NTP servers.
By attacking a very small buffer with a very small set of shellcode, an
attacker can potentially gain root access. It has been reported that
in some cases the only effect is the segfault of the ntpd.
SOLUTION
- --------
All users running 'xntp3' should upgrade to the most recent version, as
outlined in this advisory. All updates can be found at:
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/
http://ftp.engardelinux.org/pub/engarde/stable/updates/
To install the updated package, execute the command:
rpm -Uvh <filename>
To verify the signature of the updated packages, execute the command:
rpm -Kv <filename>
UPDATED PACKAGES
- ----------------
Source Packages:
SRPMS/xntp3-5.93-1.0.16.src.rpm
MD5 Sum: 853821174dad6b5a979f6eaae8ce815a
Binary Packages:
i686/xntp3-5.93-1.0.16.i686.rpm
MD5 Sum: 3d7823343a0db6485a94fa16fad5afbd
Please note that no i386 packages are available at this time. i386
updates will be made available when our i386 distribution is made
available.
REFERENCES
- ----------
Guardian Digital's public key:
http://ftp.engardelinux.org/pub/engarde/ENGARDE-GPG-KEY
Credit for the discovery of this bug goes to:
Przemyslaw Frasunek <venglin@FREEBSD.LUBLIN.PL>
The Official Web Site:
http://www.eecis.udel.edu/~ntp/
SecurityFocus Bug ID:
http://www.securityfocus.com/bid/2540
Initial Announcement on BugTraq:
http://www.securityfocus.com/templates/archive.pike?list=1&mid=174011
- ----------------------------------------------------------------------------
Author: Ryan W. Maple,
Copyright 2001, Guardian Digital, Inc.
Web Webster has more than 20 years of writing and editorial experience in the tech sector. He’s written and edited news, demand generation, user-focused, and thought leadership content for business software solutions, consumer tech, and Linux Today, he edits and writes for a portfolio of tech industry news and analysis websites including webopedia.com, and DatabaseJournal.com.
LinuxToday is a trusted, contributor-driven news resource supporting all types of Linux users. Our thriving international community engages with us through social media and frequent content contributions aimed at solving problems ranging from personal computing to enterprise-level IT operations. LinuxToday serves as a home for a community that struggles to find comparable information elsewhere on the web.
Property of TechnologyAdvice. © 2025 TechnologyAdvice. All Rights Reserved
Advertiser Disclosure: Some of the products that appear on this site are from companies from which TechnologyAdvice receives compensation. This compensation may impact how and where products appear on this site including, for example, the order in which they appear. TechnologyAdvice does not include all companies or all types of products available in the marketplace.