Vulnerability Monitor

The vendors, products, and vulnerabilities you care about

CVE-2009-1252

Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field.

Published

2009-05-19T19:30:00.670

Last Modified

2025-04-09T00:30:58.490

Status

Deferred

Source

[email protected]

Severity

CVSSv2: 6.8 (MEDIUM)

CVSSv2 Vector

AV:N/AC:M/Au:N/C:P/I:P/A:P

Access Vector: NETWORK
Access Complexity: MEDIUM
Authentication: NONE
Confidentiality Impact: PARTIAL
Integrity Impact: PARTIAL
Availability Impact: PARTIAL

Exploitability Score

8.6

Impact Score

6.4

Weaknesses

Type: Primary
CWE-119

Affected Vendors & Products

Type	Vendor	Product	Version/Range	Vulnerable?
Application	ntp	ntp	4.2.4p0	Yes
Application	ntp	ntp	4.2.4p1	Yes
Application	ntp	ntp	4.2.4p2	Yes
Application	ntp	ntp	4.2.4p3	Yes
Application	ntp	ntp	4.2.4p4	Yes
Application	ntp	ntp	4.2.4p5	Yes
Application	ntp	ntp	4.2.4p6	Yes
Application	ntp	ntp	4.2.5p0	Yes
Application	ntp	ntp	4.2.5p1	Yes
Application	ntp	ntp	4.2.5p2	Yes
Application	ntp	ntp	4.2.5p3	Yes
Application	ntp	ntp	4.2.5p4	Yes
Application	ntp	ntp	4.2.5p5	Yes
Application	ntp	ntp	4.2.5p6	Yes
Application	ntp	ntp	4.2.5p7	Yes
Application	ntp	ntp	4.2.5p8	Yes
Application	ntp	ntp	4.2.5p9	Yes
Application	ntp	ntp	4.2.5p10	Yes
Application	ntp	ntp	4.2.5p11	Yes
Application	ntp	ntp	4.2.5p12	Yes
Application	ntp	ntp	4.2.5p13	Yes
Application	ntp	ntp	4.2.5p14	Yes
Application	ntp	ntp	4.2.5p15	Yes
Application	ntp	ntp	4.2.5p16	Yes
Application	ntp	ntp	4.2.5p17	Yes
Application	ntp	ntp	4.2.5p18	Yes
Application	ntp	ntp	4.2.5p19	Yes
Application	ntp	ntp	4.2.5p20	Yes
Application	ntp	ntp	4.2.5p21	Yes
Application	ntp	ntp	4.2.5p23	Yes
Application	ntp	ntp	4.2.5p24	Yes
Application	ntp	ntp	4.2.5p25	Yes
Application	ntp	ntp	4.2.5p26	Yes
Application	ntp	ntp	4.2.5p27	Yes
Application	ntp	ntp	4.2.5p28	Yes
Application	ntp	ntp	4.2.5p29	Yes
Application	ntp	ntp	4.2.5p30	Yes
Application	ntp	ntp	4.2.5p31	Yes
Application	ntp	ntp	4.2.5p32	Yes
Application	ntp	ntp	4.2.5p33	Yes
Application	ntp	ntp	4.2.5p35	Yes
Application	ntp	ntp	4.2.5p36	Yes
Application	ntp	ntp	4.2.5p37	Yes
Application	ntp	ntp	4.2.5p38	Yes
Application	ntp	ntp	4.2.5p39	Yes
Application	ntp	ntp	4.2.5p40	Yes
Application	ntp	ntp	4.2.5p41	Yes
Application	ntp	ntp	4.2.5p42	Yes
Application	ntp	ntp	4.2.5p43	Yes
Application	ntp	ntp	4.2.5p44	Yes
Application	ntp	ntp	4.2.5p45	Yes
Application	ntp	ntp	4.2.5p46	Yes
Application	ntp	ntp	4.2.5p47	Yes
Application	ntp	ntp	4.2.5p48	Yes
Application	ntp	ntp	4.2.5p49	Yes
Application	ntp	ntp	4.2.5p50	Yes
Application	ntp	ntp	4.2.5p51	Yes
Application	ntp	ntp	4.2.5p52	Yes
Application	ntp	ntp	4.2.5p53	Yes
Application	ntp	ntp	4.2.5p54	Yes
Application	ntp	ntp	4.2.5p55	Yes
Application	ntp	ntp	4.2.5p56	Yes
Application	ntp	ntp	4.2.5p57	Yes
Application	ntp	ntp	4.2.5p58	Yes
Application	ntp	ntp	4.2.5p59	Yes
Application	ntp	ntp	4.2.5p60	Yes
Application	ntp	ntp	4.2.5p61	Yes
Application	ntp	ntp	4.2.5p62	Yes
Application	ntp	ntp	4.2.5p63	Yes
Application	ntp	ntp	4.2.5p64	Yes
Application	ntp	ntp	4.2.5p65	Yes
Application	ntp	ntp	4.2.5p66	Yes
Application	ntp	ntp	4.2.5p67	Yes
Application	ntp	ntp	4.2.5p68	Yes
Application	ntp	ntp	4.2.5p69	Yes
Application	ntp	ntp	4.2.5p70	Yes
Application	ntp	ntp	4.2.5p71	Yes
Application	ntp	ntp	4.2.5p73	Yes

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-006.txt.asc ([email protected])
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html ([email protected])
http://rhn.redhat.com/errata/RHSA-2009-1039.html Patch ([email protected])
http://rhn.redhat.com/errata/RHSA-2009-1040.html Patch ([email protected])
http://secunia.com/advisories/35137 ([email protected])
http://secunia.com/advisories/35138 ([email protected])
http://secunia.com/advisories/35166 ([email protected])
http://secunia.com/advisories/35169 ([email protected])
http://secunia.com/advisories/35243 ([email protected])
http://secunia.com/advisories/35253 ([email protected])
http://secunia.com/advisories/35308 ([email protected])
http://secunia.com/advisories/35336 ([email protected])
http://secunia.com/advisories/35388 ([email protected])
http://secunia.com/advisories/35416 ([email protected])
http://secunia.com/advisories/35630 ([email protected])
http://secunia.com/advisories/37470 ([email protected])
http://secunia.com/advisories/37471 ([email protected])
http://security.freebsd.org/advisories/FreeBSD-SA-09:11.ntpd.asc ([email protected])
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.566238 ([email protected])
http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0092 ([email protected])
http://www.debian.org/security/2009/dsa-1801 ([email protected])
http://www.gentoo.org/security/en/glsa/glsa-200905-08.xml ([email protected])
http://www.kb.cert.org/vuls/id/853097 US Government Resource ([email protected])
http://www.mandriva.com/security/advisories?name=MDVSA-2009:117 ([email protected])
http://www.securityfocus.com/archive/1/507985/100/0/threaded ([email protected])
http://www.securityfocus.com/bid/35017 ([email protected])
http://www.securitytracker.com/id?1022243 ([email protected])
http://www.vmware.com/security/advisories/VMSA-2009-0016.html ([email protected])
http://www.vupen.com/english/advisories/2009/1361 ([email protected])
http://www.vupen.com/english/advisories/2009/3316 ([email protected])
https://bugzilla.redhat.com/show_bug.cgi?id=499694 Patch ([email protected])
https://launchpad.net/bugs/cve/2009-1252 ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11231 ([email protected])
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6307 ([email protected])
https://support.ntp.org/bugs/show_bug.cgi?id=1151 ([email protected])
https://usn.ubuntu.com/777-1/ ([email protected])
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00293.html ([email protected])
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01414.html ([email protected])
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01449.html ([email protected])
ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-006.txt.asc (af854a3a-2127-422b-91ae-364da2661108)
http://lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html (af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2009-1039.html Patch (af854a3a-2127-422b-91ae-364da2661108)
http://rhn.redhat.com/errata/RHSA-2009-1040.html Patch (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/35137 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/35138 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/35166 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/35169 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/35243 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/35253 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/35308 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/35336 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/35388 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/35416 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/35630 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/37470 (af854a3a-2127-422b-91ae-364da2661108)
http://secunia.com/advisories/37471 (af854a3a-2127-422b-91ae-364da2661108)
http://security.freebsd.org/advisories/FreeBSD-SA-09:11.ntpd.asc (af854a3a-2127-422b-91ae-364da2661108)
http://slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.566238 (af854a3a-2127-422b-91ae-364da2661108)
http://wiki.rpath.com/wiki/Advisories:rPSA-2009-0092 (af854a3a-2127-422b-91ae-364da2661108)
http://www.debian.org/security/2009/dsa-1801 (af854a3a-2127-422b-91ae-364da2661108)
http://www.gentoo.org/security/en/glsa/glsa-200905-08.xml (af854a3a-2127-422b-91ae-364da2661108)
http://www.kb.cert.org/vuls/id/853097 US Government Resource (af854a3a-2127-422b-91ae-364da2661108)
http://www.mandriva.com/security/advisories?name=MDVSA-2009:117 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/archive/1/507985/100/0/threaded (af854a3a-2127-422b-91ae-364da2661108)
http://www.securityfocus.com/bid/35017 (af854a3a-2127-422b-91ae-364da2661108)
http://www.securitytracker.com/id?1022243 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vmware.com/security/advisories/VMSA-2009-0016.html (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2009/1361 (af854a3a-2127-422b-91ae-364da2661108)
http://www.vupen.com/english/advisories/2009/3316 (af854a3a-2127-422b-91ae-364da2661108)
https://bugzilla.redhat.com/show_bug.cgi?id=499694 Patch (af854a3a-2127-422b-91ae-364da2661108)
https://launchpad.net/bugs/cve/2009-1252 (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11231 (af854a3a-2127-422b-91ae-364da2661108)
https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A6307 (af854a3a-2127-422b-91ae-364da2661108)
https://support.ntp.org/bugs/show_bug.cgi?id=1151 (af854a3a-2127-422b-91ae-364da2661108)
https://usn.ubuntu.com/777-1/ (af854a3a-2127-422b-91ae-364da2661108)
https://www.redhat.com/archives/fedora-package-announce/2009-June/msg00293.html (af854a3a-2127-422b-91ae-364da2661108)
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01414.html (af854a3a-2127-422b-91ae-364da2661108)
https://www.redhat.com/archives/fedora-package-announce/2009-May/msg01449.html (af854a3a-2127-422b-91ae-364da2661108)