Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2009-1252

Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field.

  • Published: May 19, 2009
  • Updated: Apr 13, 2023
  • CVE: CVE-2009-1252
  • Severity: Medium
  • Exploit:

CVSS v2:

  • Severity: Medium
  • Score: 6.8
  • AV:N/AC:M/Au:N/C:P/I:P/A:P

CWEs:

Software From Fixed in
ntp / ntp 4.2.5p65 4.2.5p65.x
ntp / ntp 4.2.5p1 4.2.5p1.x
ntp / ntp 4.2.5p64 4.2.5p64.x
ntp / ntp 4.2.5p32 4.2.5p32.x
ntp / ntp 4.2.5p15 4.2.5p15.x
ntp / ntp 4.2.5p0 4.2.5p0.x
ntp / ntp 4.2.5p71 4.2.5p71.x
ntp / ntp 4.2.5p40 4.2.5p40.x
ntp / ntp 4.2.5p59 4.2.5p59.x
ntp / ntp 4.2.5p30 4.2.5p30.x
ntp / ntp 4.2.5p18 4.2.5p18.x
ntp / ntp 4.2.4p5 4.2.4p5.x
ntp / ntp 4.2.5p61 4.2.5p61.x
ntp / ntp 4.2.5p47 4.2.5p47.x
ntp / ntp 4.2.5p14 4.2.5p14.x
ntp / ntp 4.2.4p4 4.2.4p4.x
ntp / ntp 4.2.5p29 4.2.5p29.x
ntp / ntp 4.2.5p13 4.2.5p13.x
ntp / ntp 4.2.5p67 4.2.5p67.x
ntp / ntp 4.2.5p7 4.2.5p7.x
ntp / ntp 4.2.4p2 4.2.4p2.x
ntp / ntp 4.2.5p63 4.2.5p63.x
ntp / ntp 4.2.5p12 4.2.5p12.x
ntp / ntp 4.2.5p53 4.2.5p53.x
ntp / ntp 4.2.5p68 4.2.5p68.x
ntp / ntp 4.2.5p28 4.2.5p28.x
ntp / ntp 4.2.5p45 4.2.5p45.x
ntp / ntp 4.2.5p25 4.2.5p25.x
ntp / ntp 4.2.5p10 4.2.5p10.x
ntp / ntp 4.2.5p21 4.2.5p21.x
ntp / ntp 4.2.5p56 4.2.5p56.x
ntp / ntp 4.2.5p39 4.2.5p39.x
ntp / ntp 4.2.5p54 4.2.5p54.x
ntp / ntp 4.2.5p16 4.2.5p16.x
ntp / ntp 4.2.5p31 4.2.5p31.x
ntp / ntp 4.2.5p73 4.2.5p73.x
ntp / ntp 4.2.5p51 4.2.5p51.x
ntp / ntp 4.2.5p19 4.2.5p19.x
ntp / ntp 4.2.5p50 4.2.5p50.x
ntp / ntp 4.2.5p6 4.2.5p6.x
ntp / ntp 4.2.5p11 4.2.5p11.x
ntp / ntp 4.2.5p42 4.2.5p42.x
ntp / ntp 4.2.5p27 4.2.5p27.x
ntp / ntp 4.2.5p44 4.2.5p44.x
ntp / ntp 4.2.4p1 4.2.4p1.x
ntp / ntp 4.2.5p5 4.2.5p5.x
ntp / ntp 4.2.5p26 4.2.5p26.x
ntp / ntp 4.2.5p60 4.2.5p60.x
ntp / ntp 4.2.5p57 4.2.5p57.x
ntp / ntp 4.2.5p3 4.2.5p3.x
ntp / ntp 4.2.5p70 4.2.5p70.x
ntp / ntp 4.2.5p37 4.2.5p37.x
ntp / ntp 4.2.5p33 4.2.5p33.x
ntp / ntp 4.2.5p46 4.2.5p46.x
ntp / ntp 4.2.5p36 4.2.5p36.x
ntp / ntp 4.2.5p52 4.2.5p52.x
ntp / ntp 4.2.5p69 4.2.5p69.x
ntp / ntp 4.2.5p49 4.2.5p49.x
ntp / ntp 4.2.5p24 4.2.5p24.x
ntp / ntp 4.2.5p8 4.2.5p8.x
ntp / ntp 4.2.5p66 4.2.5p66.x
ntp / ntp 4.2.5p17 4.2.5p17.x
ntp / ntp 4.2.5p2 4.2.5p2.x
ntp / ntp 4.2.5p38 4.2.5p38.x
ntp / ntp 4.2.5p62 4.2.5p62.x
ntp / ntp 4.2.4p3 4.2.4p3.x
ntp / ntp 4.2.5p43 4.2.5p43.x
ntp / ntp 4.2.5p4 4.2.5p4.x
ntp / ntp 4.2.5p20 4.2.5p20.x
ntp / ntp 4.2.5p58 4.2.5p58.x
ntp / ntp 4.2.5p41 4.2.5p41.x
ntp / ntp 4.2.5p35 4.2.5p35.x
ntp / ntp 4.2.4p0 4.2.4p0.x
ntp / ntp 4.2.5p55 4.2.5p55.x
ntp / ntp 4.2.5p23 4.2.5p23.x
ntp / ntp 4.2.5p48 4.2.5p48.x
ntp / ntp 4.2.5p9 4.2.5p9.x
ntp / ntp 4.2.4p6 4.2.4p6.x