CVE-2009-1252

Published: 19 May 2009

Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field.

Priority

Medium

Status

Package Release Status
ntp
Launchpad, Ubuntu, Debian
Upstream Pending
(4.2.4p7, 4.2.5p74)

Notes

AuthorNote
jdstrand
from CERT: If autokey is enabled (the ntp.conf file contains the line           "crypto pw whatever" a remote attacker can send a carefully crafted             packet that can overflow a stack buffer and potentially allow for               malicious code to be executed with the privilege level of the ntpd              process.

References