Goal Reached Thanks to every supporter — we hit 100%!

Goal: 1000 CNY · Raised: 1000 CNY

100.0%
Buy Us a Coffee

CVE-2014-9295 PoC — NTP 基于栈的缓冲区错误漏洞

Source
https://github.com/MacMiniVault/NTPUpdateSnowLeopard
Associated Vulnerability
Title:NTP 基于栈的缓冲区错误漏洞 (CVE-2014-9295)
Description:NTP(Network Time Protocol,网络时间协议)是一款通过网络同步计算机时钟的协议。 NTP 4.2.8之前版本的ntpd中的‘crypto_recv’、‘ctl_putdata’和‘configure’函数存在基于栈的缓冲区溢出漏洞。远程攻击者可通过发送特制的数据包利用该漏洞执行任意代码。
Description
Updates OS X 10.6.8 NTP to include patch for CVE-2014-9295
File Snapshot

 [4.0K]  /data/pocs/e0587c0a88a76888acdbc0fcabdbd2a2f95d0c54
└── [4.0K]  usr
    ├── [4.0K]  bin
    │   ├── [250K]  ntp-keygen
    │   ├── [372K]  ntpq
    │   └── [445K]  sntp
    └── [4.0K]  sbin
        ├── [810K]  ntpd
        ├── [178K]  ntpdate
        ├── [336K]  ntpdc
        ├── [382K]  ntpsnmpd
        ├── [3.5K]  ntptrace
        └── [3.1K]  ntp-wait

3 directories, 9 files
Shenlong Bot has cached this for you
Remarks
    1. It is advised to access via the original source first.
    2. If the original source is unavailable, please email f.jinxu#gmail.com for a local snapshot (replace # with @).
    3. Shenlong has snapshotted the POC code for you. To support long-term maintenance, please consider donating. Thank you for your support.