Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
Loading...
Loading...
Buffer overflow in ntpd ntp daemon 4.0.99k and earlier (aka xntpd and xntp3) allows remote attackers to cause a denial of service and possibly execute arbitrary commands via a long readvar argument.
June 18, 2001
April 16, 2026
Every time one of our enrichment pipelines (NVD, MITRE cvelistV5, EPSS, CISA KEV, GHSA, OSV, vendor advisories) ran against this CVE. Most recent first.
Working exploit code is in the public domain (1 Metasploit module) (3 Exploit-DB entries). Defenders should treat patch urgency accordingly — public PoCs typically lead to mass-exploitation within 24-72 hours.
NTP daemon readvar - Remote Buffer Overflow (Metasploit)
Open source ↗NTPd - Remote Buffer Overflow
Open source ↗NTPd 4.0.99j-k readvar - Remote Buffer Overflow (Metasploit)
Open source ↗NTP Daemon readvar Buffer Overflow
Open source ↗See which npm, PyPI, Go, and Maven packages are affected by CVE-2001-0414
EchelonGraph automatically scans your cloud infrastructure and maps CVE exposure using blast radius analysis.