Harlan Stenn

**Name of the Vulnerable Software and Affected Versions** NTP versions prior to 4.2.4p7-RC2 **Description** The issue is related to a stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq, which allows remote NTP servers to execute arbitrary code via a crafted response. This can lead to a disruption of confidentiality, integrity, and availability of protected information. The exploitation of this issue can be done remotely. **Recommendations** For versions prior to 4.2.4p7-RC2, update to version 4.2.4p7-RC2 or later to resolve the issue. As a temporary workaround, consider restricting access to the cookedprint function in ntpq/ntpq.c to minimize the risk of exploitation.