1
CVE-2009-1252: Stack-based buffer overflow in the crypto_recv function in
2
ntp_crypto.c in ntpd in NTP before 4.2.4p7 and 4.2.5 before 4.2.5p74, when
3
OpenSSL and autokey are enabled, allows remote attackers to execute arbitrary
4
code via a crafted packet containing an extension field.
6
--- a/ntpd/ntp_crypto.c
7
+++ b/ntpd/ntp_crypto.c
8
@@ -570,7 +570,7 @@ crypto_recv(
9
peer->issuer = emalloc(vallen + 1);
10
strcpy(peer->issuer, peer->subject);
11
temp32 = (fstamp >> 16) & 0xffff;
13
+ snprintf(statstr, sizeof(statstr),
14
"flags 0x%x host %s signature %s", fstamp,
15
peer->subject, OBJ_nid2ln(temp32));
16
record_crypto_stats(&peer->srcadr, statstr);