ntpd buffer overflow
Published:		26.05.2009
Source:		BUGTRAQ
SecurityVulns ID:		9937
Type:		remote
Level:		6/10
Description:		Buffer overflow if autokey option is enabled.

Affected:		NTP : ntp 4.2
CVE:		CVE-2009-1252 (Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field.)

Original document

Alex Legler, [ GLSA 200905-08 ] NTP: Remote execution of arbitrary code (26.05.2009)

Discuss:

Read or add your comments to this news (0 comments)