Juniper Networks
Solutions
Products & Services
Company
Partners
Support
Education

Signature Detail

Security Intelligence Center
Signatures
Print

Short Name

 NTP:MUL-NTP-DAEMON-AUTOKEY-BOF

Severity

 High

Recommended

 No

Recommended Action

 Drop

Category

 NTP

Keywords

 Multiple Vendors NTP Daemon Autokey Stack Buffer Overflow

Release Date

 2011/07/21

Update Number

 1959

Supported Platforms

 idp-4.0+, isg-3.0+, j-series-9.5+, mx-9.4+, srx-9.2+, srx-branch-9.4+, vsrx-12.1+

NTP: Multiple Vendors NTP Daemon Autokey Stack Buffer Overflow


This signature detects attempts to exploit a known vulnerability in Multiple Vendors NTP Daemon. A successful attack can lead to a buffer overflow and arbitrary remote code execution within the context of the server.

Extended Description

The 'ntpd' daemon is prone to a stack-based buffer-overflow vulnerability when it is configured to use the 'autokey' OpenSSL protocol. Attackers can exploit this issue to execute arbitrary code in the context of the application. Failed attempts will likely crash the application, causing denial-of-service conditions.

Affected Products

  • Avaya Aura Application Enablement Services 4.0
  • Avaya Aura Session Manager 1.1
  • Avaya Aura SIP Enablement Services 3.1.1
  • Avaya Aura SIP Enablement Services 5.0
  • Avaya Communication Manager 2.0.0
  • Avaya Communication Manager 2.0.1
  • Avaya Communication Manager 2.1
  • Avaya Communication Manager 2.2
  • Avaya Communication Manager 3.0
  • Avaya Communication Manager 3.1
  • Avaya Communication Manager 3.1.4 SP2
  • Avaya Communication Manager 4.0
  • Avaya Communication Manager 4.0.3 SP1
  • Avaya Intuity AUDIX LX 2.0
  • Avaya Intuity AUDIX LX 2.0 SP1
  • Avaya Intuity AUDIX LX 2.0 SP2
  • Avaya Message Networking 3.1
  • Avaya Proactive Contact 4.0
  • Avaya Proactive Contact 4.1
  • Avaya Voice Portal 4.0
  • Avaya Voice Portal 5.0
  • Debian Linux 4.0
  • Debian Linux 4.0 Alpha
  • Debian Linux 4.0 Amd64
  • Debian Linux 4.0 Arm
  • Debian Linux 4.0 Armel
  • Debian Linux 4.0 Hppa
  • Debian Linux 4.0 Ia-32
  • Debian Linux 4.0 Ia-64
  • Debian Linux 4.0 M68k
  • Debian Linux 4.0 Mips
  • Debian Linux 4.0 Mipsel
  • Debian Linux 4.0 Powerpc
  • Debian Linux 4.0 S/390
  • Debian Linux 4.0 Sparc
  • Debian Linux 5.0
  • Debian Linux 5.0 Alpha
  • Debian Linux 5.0 Amd64
  • Debian Linux 5.0 Arm
  • Debian Linux 5.0 Armel
  • Debian Linux 5.0 Hppa
  • Debian Linux 5.0 Ia-32
  • Debian Linux 5.0 Ia-64
  • Debian Linux 5.0 M68k
  • Debian Linux 5.0 Mips
  • Debian Linux 5.0 Mipsel
  • Debian Linux 5.0 Powerpc
  • Debian Linux 5.0 S/390
  • Debian Linux 5.0 Sparc
  • FreeBSD 6.3-RELEASE-P11
  • FreeBSD 6.4-RELEASE-P5
  • FreeBSD 6.4 -STABLE
  • FreeBSD 7.1-RELEASE-P6
  • FreeBSD 7.1-STABLE
  • FreeBSD 7.2-RELEASE-P1
  • FreeBSD 7.2-STABLE
  • Gentoo Linux
  • HP TCP/IP Services for OpenVMS Alpha 5.4
  • HP TCP/IP Services for OpenVMS Alpha 5.5
  • HP TCP/IP Services for OpenVMS Alpha 5.6
  • HP TCP/IP Services for OpenVMS I64 5.4
  • HP TCP/IP Services for OpenVMS I64 5.5
  • HP TCP/IP Services for OpenVMS I64 5.6
  • Mandriva Corporate Server 3.0.0
  • Mandriva Corporate Server 3.0.0 X86 64
  • Mandriva Corporate Server 4.0
  • Mandriva Corporate Server 4.0.0 X86 64
  • Mandriva Linux Mandrake 2008.0
  • Mandriva Linux Mandrake 2008.0 X86 64
  • Mandriva Linux Mandrake 2008.1
  • Mandriva Linux Mandrake 2008.1 X86 64
  • Mandriva Linux Mandrake 2009.0
  • Mandriva Linux Mandrake 2009.0 X86 64
  • Mandriva Linux Mandrake 2009.1
  • Mandriva Linux Mandrake 2009.1 X86 64
  • Mandriva Multi Network Firewall 2.0.0
  • NetBSD 4.0
  • NetBSD 4.0.1
  • NetBSD 5.0
  • NTP 4.2.4P5
  • NTP 4.2.4P6
  • NTP 4.2.4P7-RC2
  • NTP NTPd 3.0.0
  • NTP NTPd 4.0.0
  • NTP NTPd 4.1.0
  • NTP NTPd 4.2.0
  • NTP NTPd 4.2.0 .0A
  • NTP NTPd 4.2.0 .0B
  • NTP NTPd 4.2.1
  • Pardus Linux 2008
  • Red Hat Desktop 4.0.0
  • Red Hat Enterprise Linux 5 Server
  • Red Hat Enterprise Linux AS 4
  • Red Hat Enterprise Linux Desktop 5 Client
  • Red Hat Enterprise Linux ES 4
  • Red Hat Enterprise Linux EUS 5.3.Z Server
  • Red Hat Enterprise Linux WS 4
  • Red Hat Fedora 10
  • Red Hat Fedora 11
  • Red Hat Fedora 12
  • Red Hat Fedora 9
  • rPath Appliance Platform Linux Service 1
  • rPath Appliance Platform Linux Service 2
  • rPath rPath Linux 1
  • rPath rPath Linux 2
  • Slackware Linux 10.0.0
  • Slackware Linux 10.1.0
  • Slackware Linux 10.2.0
  • Slackware Linux 11.0
  • Slackware Linux 12.0
  • Slackware Linux 12.1
  • Slackware Linux 12.2
  • Slackware Linux 8.1.0
  • Slackware Linux 9.0.0
  • Slackware Linux 9.1.0
  • Slackware Linux -Current
  • SuSE Novell Linux Desktop 9.0.0
  • SuSE Open-Enterprise-Server
  • SuSE openSUSE 10.3
  • SuSE openSUSE 11.0
  • SuSE openSUSE 11.1
  • SuSE SUSE Linux Enterprise 10
  • SuSE SUSE Linux Enterprise 11
  • SuSE SUSE Linux Enterprise Server 9
  • Ubuntu Ubuntu Linux 6.06 LTS Amd64
  • Ubuntu Ubuntu Linux 6.06 LTS I386
  • Ubuntu Ubuntu Linux 6.06 LTS Powerpc
  • Ubuntu Ubuntu Linux 6.06 LTS Sparc
  • Ubuntu Ubuntu Linux 8.04 LTS Amd64
  • Ubuntu Ubuntu Linux 8.04 LTS I386
  • Ubuntu Ubuntu Linux 8.04 LTS Lpia
  • Ubuntu Ubuntu Linux 8.04 LTS Powerpc
  • Ubuntu Ubuntu Linux 8.04 LTS Sparc
  • Ubuntu Ubuntu Linux 8.10 Amd64
  • Ubuntu Ubuntu Linux 8.10 I386
  • Ubuntu Ubuntu Linux 8.10 Lpia
  • Ubuntu Ubuntu Linux 8.10 Powerpc
  • Ubuntu Ubuntu Linux 8.10 Sparc
  • Ubuntu Ubuntu Linux 9.04 Amd64
  • Ubuntu Ubuntu Linux 9.04 I386
  • Ubuntu Ubuntu Linux 9.04 Lpia
  • Ubuntu Ubuntu Linux 9.04 Powerpc
  • Ubuntu Ubuntu Linux 9.04 Sparc
  • VMWare ESXi Server 3.5
  • VMWare ESXi Server 3.5 Esxe350-200904402-T-BG
  • VMWare ESXi Server 3.5 Esxe350-200910401-I-SG
  • VMWare ESXi Server 4.0
  • VMWare ESXi Server 4.0 Esxi400-200909401-BG

References

  • BugTraq: 35017
  • CVE: CVE-2009-1252

Site Map
RSS Feeds
Careers
Accessibility
Feedback
Privacy Policy
Legal Notices
Copyright © 1999-2010 Juniper Networks, Inc. All rights reserved.
Help
|
My Account
|
Log Out