Heap-based Buffer Overflow in chrony: Remote Code Execution and Denial of Service Vulnerability

Heap-based Buffer Overflow in chrony: Remote Code Execution and Denial of Service Vulnerability

CVE-2015-1821 · MEDIUM Severity

AV:N/AC:L/AU:S/C:P/I:P/A:P

Heap-based buffer overflow in chrony before 1.31.1 allows remote authenticated users to cause a denial of service (chronyd crash) or possibly execute arbitrary code by configuring the (1) NTP or (2) cmdmon access with a subnet size that is indivisible by four and an address with a nonzero bit in the subnet remainder.

Learn more about our User Device Pen Test.