Full Disclosure mailing list archives

!ADVISORY! # -Thu Mar 16 03:08:48 EST 2006- # Heap Overflow in ISC NTP

From: waldoalvarez00 () gmail com
Date: Thu, 16 Mar 2006 08:08:59 +0000 (GMT)




!ADVISORY! # -Thu Mar 16 03:08:48 EST 2006- # Heap Overflow in ISC NTP




----------------------------------
1. Description
It is possible to make ISC NTP crash or run arbitrary code by the use of malformed input.

----------------------------------
2. History
27-1-2006 - Vendor Notification.
22-2-2006 - Vendor Reply.
16-3-2006 - Public Disclosure.
----------------------------------
3. CVE Information
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-675200 to this issue

----------------------------------
Appendix A Vendor Information
http://www.isc.org/index.pl?/sw/ntp/

----------------------------------
Appendix B References
RFC 7559

----------------------------------
Contact
waldo alvarez lolville () spam la
1-888-565-9428
BEWARE THE JIZZTAPO!!!

            ..
        _ .' `.
       /\)
      / /
     / /   /\
     \ \  /  \
  _   \ \/ /\ \
 (/\   \  /  \ \
  \ \  /  \   (Y )
   \ \/ /\ \   ""
    \  /  \ \
     \/   / /
         / /
        ( Y)
         ""


GSAE CCE SSP-CNSA GIPS GHTQ SSCP 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

!ADVISORY! # -Thu Mar 16 03:08:48 EST 2006- # Heap Overflow in ISC NTP waldoalvarez00 (Mar 16)