How to Buy
This script is Copyright (C) 2009-2015 Tenable Network Security, Inc.
The remote host is running a time server that is affected by a remote
buffer overflow vulnerability.
According to its self-reported version number, the version of ntpd
running on the remote host is affected by a stack-based buffer
overflow vulnerability due to the use of sprintf() in the
crypto_recv() function in ntpd/ntp_crypto.c. A remote, unauthenticated
attacker can exploit this to cause a denial of service condition or to
execute arbitrary code.
Note that this issue is only exploitable if ntpd was compiled with
OpenSSL support, and autokey authentication is enabled. The presence
of the following line in ntp.conf indicates a vulnerable system :
crypto pw *password*
Nessus did not check if the system is configured in this manner.
See also :
Upgrade to ntpd version 4.2.4p7 / 4.2.5p74 or later.
Risk factor :
Medium / CVSS Base Score : 6.8
CVSS Temporal Score : 5.0
Public Exploit Available : false
Family: Gain a shell remotely
Nessus Plugin ID: 38831 ()
Bugtraq ID: 35017
CVE ID: CVE-2009-1252
Nessus Professional: Scan unlimited IPs, run compliance checks & moreNessus Cloud: The power of Nessus for teams – from the cloud
The cookie settings on this website are set to 'allow all cookies' to give you the very best website experience. If you continue without changing these settings, you consent to this - but if you want, you can opt out of all cookies by clicking below.