Published: 09/12/2009 Updated: 19/03/2024

CVSS v2 Base Score: 6.4 | Impact Score: 4.9 | Exploitability Score: 10

VMScore: 680

Vector: AV:N/AC:L/Au:N/C:N/I:P/A:P

ntp_request.c in ntpd in NTP prior to 4.2.4p8, and 4.2.5, allows remote malicious users to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.

Vulnerable Product	Search on Vulmon	Subscribe to Product
ntp ntp
ntp ntp 4.2.2
ntp ntp 4.2.0
ntp ntp 4.0.98
ntp ntp 4.0.72
ntp ntp 4.0.90
ntp ntp 4.0.96
ntp ntp 4.0.93
ntp ntp 4.1.0
ntp ntp 4.1.2
ntp ntp 4.2.5
ntp ntp 4.0.99
ntp ntp 4.0.95
ntp ntp 4.2.2p3
ntp ntp 4.2.2p2
ntp ntp 4.0.92
ntp ntp 4.0.73
ntp ntp 4.0.97
ntp ntp 4.0.91
ntp ntp 4.2.2p1
ntp ntp 4.0.94

Debian Bug report logs - #560074 ntp: CVE-2009-3563 DoS through mode 7 packets Package: ntp; Maintainer for ntp is Debian NTP Team <ntp@packagesdebianorg>; Source for ntp is src:ntp (PTS, buildd, popcon) Reported by: Nico Golde <nion@debianorg> Date: Tue, 8 Dec 2009 18:54:02 UTC Severity: grave Tags: security F ...

Robin Park and Dmitri Vinokurov discovered a logic error in ntpd A remote attacker could send a crafted NTP mode 7 packet with a spoofed IP address of an affected server and cause a denial of service via CPU and disk resource consumption ...

Robin Park and Dmitri Vinokurov discovered that the daemon component of the ntp package, a reference implementation of the NTP protocol, is not properly reacting to certain incoming packets An unexpected NTP mode 7 packet (MODE_PRIVATE) with spoofed IP data can lead ntpd to reply with a mode 7 response to the spoofed address This may result in th ...

Several vulnerabilities have been discovered in chrony, a pair of programs which are used to maintain the accuracy of the system clock on a computer This issues are similar to the NTP security flaw CVE-2009-3563 The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-0292 chronyd replies to all cmdmon packe ...

The Network Time Protocol (NTP) package contains a vulnerability that could allow an unauthenticated, remote attacker to cause a denial of service (DoS) condition The vulnerability is due to an error in handling certain malformed messages An unauthenticated, remote attacker could send a malicious NTP packet with a spoofed source IP address to a ...

NVD-CWE-Other https://rhn.redhat.com/errata/RHSA-2009-1651.html http://www.kb.cert.org/vuls/id/MAPG-7X7VD7 http://www.debian.org/security/2009/dsa-1948 http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode http://securitytracker.com/id?1023298 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074 http://www.securityfocus.com/bid/37255 https://rhn.redhat.com/errata/RHSA-2009-1648.html https://lists.ntp.org/pipermail/announce/2009-December/000086.html http://www.kb.cert.org/vuls/id/568372 http://security-tracker.debian.org/tracker/CVE-2009-3563 https://support.ntp.org/bugs/show_bug.cgi?id=1331 http://www.kb.cert.org/vuls/id/MAPG-7X7V6J https://bugzilla.redhat.com/show_bug.cgi?id=531213 https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html https://rhn.redhat.com/errata/RHSA-2010-0095.html http://support.avaya.com/css/P8/documents/100071808 http://secunia.com/advisories/37922 http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047 http://secunia.com/advisories/37629 http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc http://www.vupen.com/english/advisories/2010/0510 http://secunia.com/advisories/38764 http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659 http://secunia.com/advisories/38794 http://www.vupen.com/english/advisories/2010/0528 http://secunia.com/advisories/38832 http://secunia.com/advisories/38834 http://lists.vmware.com/pipermail/security-announce/2010/000082.html ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc http://secunia.com/advisories/39593 http://www.vupen.com/english/advisories/2010/0993 http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1 http://marc.info/?l=bugtraq&m=136482797910018&w=2 http://marc.info/?l=bugtraq&m=130168580504508&w=2 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691 http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141 https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225 https://www.kb.cert.org/vuls/id/417980 https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074 https://usn.ubuntu.com/867-1/https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20091208-CVE-2009-3563 https://www.kb.cert.org/vuls/id/568372

CVE-2009-3563

Vulnerability Summary

Vulnerability Trend

Vendor Advisories

References

Vulmon Search

About

Products

Connect