Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2019-6443 PoC — NTPsec 缓冲区错误漏洞

Source
https://github.com/projectdiscovery/nuclei-templates/blob/main/javascript/cves/2019/CVE-2019-6443.yaml
Associated Vulnerability
Title:NTPsec 缓冲区错误漏洞 (CVE-2019-6443)
Description:NTPsec是一个网络时间协议的实现。 NTPsec 1.1.3之前版本中的ntpd的ntp_control.c文件的read_sysvars存在基于栈的缓冲区越界读取漏洞。目前尚无此漏洞的相关信息,请随时关注CNNVD或厂商公告。
Description
NTPsec before 1.1.3 contains a stack-based buffer over-read caused by a bug in ctl_getitem in read_sysvars in ntp_control.c in ntpd, letting local or remote attackers read sensitive memory, exploit requires sending crafted control requests.
File Snapshot

 id: CVE-2019-6443

info:
  name: NTPsec > 1.1.3 - 'ctl_getitem' Out-of-Bounds Read
  author: pussyca

...
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.