Credit: Stephen Röttger and Neel Mehta
A chain of bugs lead to RCE in ntpd through: broken source IP check for access control, weak default key in configuration interface, an infoleak, and then finally sweet, sweet buffer overflow.
recognize both excellence and incompetence in the field of information security