NTP: NTPsec ntpd write_variables Denial of Service

This signature detects attempts to exploit a known vulnerability against NTPsec ntpd. Successful exploitation could lead to the application crash and denial of service condition.

Extended Description

An issue was discovered in NTPsec before 1.1.3. An authenticated attacker can cause a NULL pointer dereference and ntpd crash in ntp_control.c, related to ctl_getitem.

Affected Products

Ntpsec ntpsec

References

CVE: CVE-2019-6445

Short Name
NTP:CVE-2019-6445-DOS
Severity
Minor
Recommended
True
Recommended Action
Drop
Category
NTP
Keywords
CVE-2019-6445 Denial NTPsec Service ntpd of write_variables
Release Date
02/26/2019
Supported Platforms

srx-branch-12.3

srx-19.3

srx-branch-19.3

vsrx3bsd-19.2

srx-branch-19.4

vsrx-19.4

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx3bsd-19.4

srx-19.4

vsrx-12.3

vmx-19.3

vsrx-19.2

srx-12.3

Sigpack Version
3337
False Positive
Unknown
Vendors

Ntpsec

CVSS Score

4.0

Found a potential security threat?