Intrusion Prevention

NTPsec.ntpd.ctl_getitem.Out.of.Bounds.Read

Description

This indicates an attack attempt to exploit an Out Of Bounds Read vulnerability in ntpd.
A remote unauthenticated user can exploit this vulnerability by sending a crafted NTP control request to the target
server. Successful exploitation could lead to disclosure of sensitive information.

Affected Products

NTPsec ntpd prior to 1.1.3

Impact

Information Disclosure: Remote attackers can gain sensitive information from vulnerable systems

Recommended Actions

Refer to the vendor's advisory for updates:
https://github.com/ntpsec/ntpsec/blob/NTPsec_1_1_3/NEWS

CVE References

CVE-2019-6443 CVE-2019-6444