Stack-based Buffer Over-read in NTPsec's process_control() Function

Stack-based Buffer Over-read in NTPsec's process_control() Function

CVE-2019-6444 · MEDIUM Severity

AV:N/AC:L/AU:N/C:P/I:N/A:P

An issue was discovered in NTPsec before 1.1.3. process_control() in ntp_control.c has a stack-based buffer over-read because attacker-controlled data is dereferenced by ntohl() in ntpd.

Learn more about our Web Application Penetration Testing UK.