Описание
Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field.
| Релиз | Статус | Примечание |
|---|---|---|
| dapper | released | 1:4.2.0a+stable-8.1ubuntu6.2 |
| devel | released | 1:4.2.4p6+dfsg-1ubuntu2 |
| hardy | released | 1:4.2.4p4+dfsg-3ubuntu2.2 |
| intrepid | released | 1:4.2.4p4+dfsg-6ubuntu2.3 |
| jaunty | released | 1:4.2.4p4+dfsg-7ubuntu5.1 |
| upstream | pending | 4.2.4p7, 4.2.5p74 |
Показывать по
EPSS
6.8 Medium
CVSS2
Связанные уязвимости
Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field.
Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field.
Stack-based buffer overflow in the crypto_recv function in ntp_crypto. ...
Stack-based buffer overflow in the crypto_recv function in ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary code via a crafted packet containing an extension field.
EPSS
6.8 Medium
CVSS2