CVE-2009-1252

EPSS 70.2%

發布日:2009/5/19修改日:2026/4/28

也稱為:DEBIAN-CVE-2009-1252

描述

Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field.

受影響套件(1)

Debian/ntpfrom 0, < 1:4.2.4p6+dfsg-2

參考連結(1)

ADVISORYhttps://security-tracker.debian.org/tracker/CVE-2009-1252