1 files changed, 28 insertions, 0 deletions

diff --git a/security/vuxml/vuln.xml b/security/vuxml/vuln.xml
index bcb6dc8855b5..452357fd0a92 100644
--- a/security/vuxml/vuln.xml
+++ b/security/vuxml/vuln.xml
@@ -34,6 +34,34 @@ Note:  Please add new entries to the beginning of this file.
 
 -->
 <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+   <vuln vid="4175c811-f690-4898-87c5-755b3cf1bac6">
+     <topic>ntp -- Stack-based buffer overflow in ntpd crypto_recv function</topic>
+     <affects>
+       <package>
+         <name>ntp</name>
+         <range><lt>4.2.4p7</lt></range>
+       </package>
+     </affects>
+     <description>
+       <body xmlns="http://www.w3.org/1999/xhtml">
+         <p>US-CERT reports:</p>
+         <blockquote cite="http://www.kb.cert.org/vuls/id/853097">
+           <p>ntpd contains a stack buffer overflow which may allow a remote unauthenticated attacker to execute arbitrary code on a vulnerable system or create a denial of service. </p>
+         </blockquote>
+       </body>
+     </description>
+     <references>
+      <bid>35017</bid>
+      <cvename>CVE-2009-0159</cvename>
+      <cvename>CVE-2009-1252</cvename>
+      <url>http://www.kb.cert.org/vuls/id/853097</url>
+     </references>
+     <dates>
+       <discovery>2009-05-06</discovery>
+       <entry>2009-05-20</entry>
+     </dates>
+   </vuln>
+<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
   <vuln vid="5ed2f96b-33b7-4863-8c6b-540d22344424">
     <topic>imap-uw -- University of Washington IMAP c-client Remote Format String Vulnerability</topic>
     <affects>