Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
veracodeVeracode Vulnerability DatabaseVERACODE:23635
HistoryApr 10, 2020 - 12:32 a.m.

Arbitrary Code Execution

2020-04-1000:32:10
Veracode Vulnerability Database
sca.analysiscenter.veracode.com
15

EPSS

0.964

Percentile

99.6%

JSON

ntpd is vulnerable to arbitrary code execution. A buffer overflow flaw was discovered in the ntpd daemon’s NTPv4 authentication code. If ntpd was configured to use public key cryptography for NTP packet authentication, a remote attacker could use this flaw to send a specially-crafted request packet that could crash ntpd or, potentially, execute arbitrary code with the privileges of the β€œntp” user.

References

Related

openvas 48
nessus 30
cert 1
seebug 1
ubuntucve 1
prion 1
f5 2
debiancve 1
cve 1
securityvulns 2
freebsd_advisory 1
checkpoint_advisories 1
fedora 5
cvelist 1
nvd 1
debian 1
freebsd 1
redhat 2
gentoo 1
centos 2
osv 2
slackware 1
oraclelinux 2
ubuntu 1
vmware 2
openvas
openvas
FreeBSD Security Advisory (FreeBSD-SA-09:11.ntpd.asc)
2009-06-15 00:00:00
Mandrake Security Advisory MDVSA-2009:117 (ntp)
2009-06-05 00:00:00
Fedora Core 11 FEDORA-2009-5674 (ntp)
2009-06-23 00:00:00
nessus
nessus
Mandriva Linux Security Advisory : ntp (MDVSA-2009:117)
2009-05-20 00:00:00
Network Time Protocol Daemon (ntpd) 4.x < 4.2.4p7 / 4.x < 4.2.5p74 crypto_recv() Function RCE
2009-05-20 00:00:00
Fedora 11 : ntp-4.2.4p7-2.fc11 (2009-5674)
2009-06-16 00:00:00
cert
cert
ntpd autokey stack buffer overflow
2009-05-18 00:00:00
seebug
seebug
NTP 'ntpd' Autokeyζ ˆηΌ“ε†²εŒΊζΊ’ε‡ΊζΌζ΄ž
2009-05-21 00:00:00
ubuntucve
ubuntucve
CVE-2009-1252
2009-05-19 00:00:00
prion
prion
Stack overflow
2009-05-19 19:30:00
f5
f5
SOL15928 - Network Time Protocol vulnerability CVE-2009-1252
2014-12-23 00:00:00
K15928 : Network Time Protocol vulnerability CVE-2009-1252
2014-12-23 00:00:00
debiancve
debiancve
CVE-2009-1252
2009-05-19 19:30:00
cve
cve
CVE-2009-1252
2009-05-19 19:30:00
securityvulns
securityvulns
ntpd buffer overflow
2009-05-26 00:00:00
[ GLSA 200905-08 ] NTP: Remote execution of arbitrary code
2009-05-26 00:00:00
freebsd_advisory
freebsd_advisory
FreeBSD-SA-09:11.ntpd
2009-06-10 00:00:00
checkpoint_advisories
checkpoint_advisories
NTP Daemon Autokey Stack Buffer Overflow (CVE-2009-1252)
2009-05-25 00:00:00
fedora
fedora
[SECURITY] Fedora 11 Update: ntp-4.2.4p7-2.fc11
2009-06-16 01:33:48
[SECURITY] Fedora 11 Update: ntp-4.2.4p7-3.fc11
2009-12-11 18:23:49
[SECURITY] Fedora 10 Update: ntp-4.2.4p7-1.fc10
2009-05-30 02:28:09
cvelist
cvelist
CVE-2009-1252
2009-05-19 19:00:00
nvd
nvd
CVE-2009-1252
2009-05-19 19:30:00
debian
debian
[SECURITY] [DSA 1801-1] New ntp packages fix several vulnerabilities
2009-05-19 13:55:33
freebsd
freebsd
ntp -- stack-based buffer overflow
2009-05-06 00:00:00
redhat
redhat
(RHSA-2009:1039) Important: ntp security update
2009-05-18 00:00:00
(RHSA-2009:1040) Critical: ntp security update
2009-05-18 00:00:00
gentoo
gentoo
NTP: Remote execution of arbitrary code
2009-05-26 00:00:00
centos
centos
ntp security update
2009-05-19 15:07:14
ntp security update
2009-05-21 14:43:18
osv
osv
ntp - several vulnerabilities
2009-05-19 00:00:00
ntp-4.2.8p9-1.1 on GA media
2024-06-15 00:00:00
slackware
slackware
ntp
2009-06-03 20:44:43
oraclelinux
oraclelinux
ntp security update
2009-05-22 00:00:00
ntp security update
2009-05-18 00:00:00
ubuntu
ubuntu
Ntp vulnerabilities
2009-05-19 00:00:00
vmware
vmware
VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components.
2009-11-20 00:00:00
VMware vCenter and ESX update release and vMA patch release address multiple security issues in third party components
2009-11-20 00:00:00

EPSS

0.964

Percentile

99.6%

JSON
Related for VERACODE:23635
openvas48nessus30cert1seebug1ubuntucve1prion1f52debiancve1cve1securityvulns2freebsd_advisory1checkpoint_advisories1fedora5cvelist1nvd1debian1freebsd1redhat2gentoo1centos2osv2slackware1oraclelinux2ubuntu1vmware2