Strix
26.1K

CVE-2001-0414

UnknownEPSS 91.68%

Last modified

CVE-2001-0414 is a vulnerability of currently unknown severity. Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.. EPSS estimates a 91.68% chance of exploitation in the next 30 days.

Description

Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.

Metrics

EPSS Probability
91.68%

99.8th percentile

Probability of exploitation in the next 30 days. Learn more

Affected Software

VendorProductVersions
Dave MillsNtpd<= 4.0.99k
Dave MillsNtpd4.0.99
Dave MillsNtpd4.0.99a
Dave MillsNtpd4.0.99b
Dave MillsNtpd4.0.99c
Dave MillsNtpd4.0.99d
Dave MillsNtpd4.0.99e
Dave MillsNtpd4.0.99f
Dave MillsNtpd4.0.99g
Dave MillsNtpd4.0.99h
Dave MillsNtpd4.0.99i
Dave MillsNtpd4.0.99j
Dave MillsXntp35.93
Dave MillsXntp35.93a
Dave MillsXntp35.93b
Dave MillsXntp35.93c
Dave MillsXntp35.93d
Dave MillsXntp35.93e

References

Timeline

Published
Last Modified
Status
Modified

Frequently Asked Questions

What is CVE-2001-0414?
Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
How severe is CVE-2001-0414?
Severity scoring for CVE-2001-0414 is pending analysis. The EPSS model estimates a 91.68% probability of exploitation in the next 30 days.
How do I fix CVE-2001-0414?
Check the vendor references and advisories linked above for patched versions and mitigation guidance. You can also run a Strix scan to test if your systems are affected.

Are you affected by CVE-2001-0414?

Run a free Strix scan to check your systems for this vulnerability.

Scan your code now

Source: NVD / NIST