NTP: Network Time Protocol ntpq decodearr Stack-based Buffer Overflow

This signature detects attempts to exploit a known vulnerability in the monitoring and control program ntpq of Network Time Protocol daemon. Successful exploitation could result in arbitrary code execution in the security context of the user.

Extended Description

Buffer overflow in the decodearr function in ntpq in ntp 4.2.8p6 through 4.2.8p10 allows remote attackers to execute arbitrary code by leveraging an ntpq query and sending a response with a crafted array.

Affected Products

Netapp element_software

References

BugTraq: 103351

CVE: CVE-2018-7183

Short Name
NTP:NTPQ-DECODEARR-BO
Severity
Major
Recommended
True
Recommended Action
Drop
Category
NTP
Keywords
Buffer CVE-2018-7183 Network Overflow Protocol Stack-based Time bid:103351 decodearr ntpq
Release Date
03/27/2018
Supported Platforms

srx-branch-19.3

vsrx3bsd-19.2

srx-19.4

vsrx3bsd-19.4

srx-branch-19.4

vsrx-19.4

vsrx-19.2

srx-19.3

srx-branch-12.3

mx-12.3

mx-19.4

vmx-19.4

mx-19.3

vsrx-12.3

vmx-19.3

srx-12.3

Sigpack Version
3590
False Positive
Unknown
Vendors

Ntp

Netapp

Freebsd

Canonical

CVSS Score

7.5

Found a potential security threat?