Main Vulnerability Database Exploits ID:6404 - Exploit for Stack-based buffer overflow in Network Time Protocol - CVE-2018-12327

ID:6404 - Exploit for Stack-based buffer overflow in Network Time Protocol - CVE-2018-12327

Published: June 17, 2021

Vulnerability identifier: #VU14448

Vulnerability risk: Low

CVE-ID: CVE-2018-12327

CWE-ID: CWE-121

Exploitation vector: Local access

Vulnerable software:
Network Time Protocol

Link to public exploit:

https://www.exploit-db.com/exploits/44909/

Vulnerability description

The vulnerability allows a local attacker to gain elevated privileges on the target system.

The vulnerability exists due to stack-based buffer overflow in the Network Time Protocol Query (ntpq) program and Network Time Protocol daemon (ntpd) when handling malicious input. A local attacker can submit a long string argument for an IPv4 or IPv6 command-line parameter, trigger memory corruption and execute arbitrary code with elevated privileges.

Successful exploitation of this vulnerability may result in complete compromise of vulnerable system.

Remediation

Cybersecurity Help is currently unaware of any solutions addressing the vulnerability.

ID:6404 - Exploit for Stack-based buffer overflow in Network Time Protocol - CVE-2018-12327

Link to public exploit:

Vulnerability description

Remediation

Please verify you're human