National Vulnerability Database (NVD) National Vulnerability Database (CVE-2009-3563)

National Cyber Awareness System

Vulnerability Summary for CVE-2009-3563

Original release date:12/09/2009

Last revised:07/19/2011

Source: US-CERT/NIST

Overview

ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.

Impact

CVSS Severity (version 2.0):

CVSS v2 Base Score:6.4 (MEDIUM) (AV:N/AC:L/Au:N/C:N/I:P/A:P) (legend)

Impact Subscore: 4.9

Exploitability Subscore: 10.0

CVSS Version 2 Metrics:

Access Vector: Network exploitable

Access Complexity: Low

Authentication: Not required to exploit

Impact Type:Allows unauthorized modification; Allows disruption of service

References to Advisories, Solutions, and Tools

By selecting these links, you will be leaving NIST webspace. We have provided these links to other web sites because they may have information that would be of interest to you. No inferences should be drawn on account of other sites being referenced, or not, from this page. There may be other web sites that are more appropriate for your purpose. NIST does not necessarily endorse the views expressed, or concur with the facts presented on these sites. Further, NIST does not endorse any commercial products that may be mentioned on these sites. Please address comments about this page to nvd@nist.gov.

US-CERT Vulnerability Note: VU#568372

Name: VU#568372

Type: Patch Information

Hyperlink:http://www.kb.cert.org/vuls/id/568372

External Source: BID

Name: 37255

Type: Patch Information

Hyperlink:http://www.securityfocus.com/bid/37255

External Source: DEBIAN

Name: DSA-1948

Type: Patch Information

Hyperlink:http://www.debian.org/security/2009/dsa-1948

External Source: CONFIRM

Name: http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode

Type: Patch Information

Hyperlink:http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode

External Source: FEDORA

Name: FEDORA-2009-13121

Hyperlink:https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html

External Source: FEDORA

Name: FEDORA-2009-13090

Hyperlink:https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html

External Source: REDHAT

Name: RHSA-2010:0095

Hyperlink:https://rhn.redhat.com/errata/RHSA-2010-0095.html

External Source: REDHAT

Name: RHSA-2009:1651

Hyperlink:https://rhn.redhat.com/errata/RHSA-2009-1651.html

External Source: REDHAT

Name: RHSA-2009:1648

Hyperlink:https://rhn.redhat.com/errata/RHSA-2009-1648.html

External Source: CONFIRM

Name: https://bugzilla.redhat.com/show_bug.cgi?id=531213

Hyperlink:https://bugzilla.redhat.com/show_bug.cgi?id=531213

External Source: VUPEN

Name: ADV-2010-0993

Hyperlink:http://www.vupen.com/english/advisories/2010/0993

External Source: VUPEN

Name: ADV-2010-0528

Hyperlink:http://www.vupen.com/english/advisories/2010/0528

External Source: VUPEN

Name: ADV-2010-0510

Hyperlink:http://www.vupen.com/english/advisories/2010/0510

External Source: CONFIRM

Name: http://www.kb.cert.org/vuls/id/MAPG-7X7VD7

Hyperlink:http://www.kb.cert.org/vuls/id/MAPG-7X7VD7

External Source: CONFIRM

Name: http://www.kb.cert.org/vuls/id/MAPG-7X7V6J

Hyperlink:http://www.kb.cert.org/vuls/id/MAPG-7X7V6J

External Source: AIXAPAR

Name: IZ71047

Hyperlink:http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047

External Source: AIXAPAR

Name: IZ68659

Hyperlink:http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659

External Source: CONFIRM

Name: http://support.avaya.com/css/P8/documents/100071808

Hyperlink:http://support.avaya.com/css/P8/documents/100071808

External Source: SUNALERT

Name: 1021781

Hyperlink:http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1

External Source: SECTRACK

Name: 1023298

Hyperlink:http://securitytracker.com/id?1023298

External Source: CONFIRM

Name: http://security-tracker.debian.org/tracker/CVE-2009-3563

Hyperlink:http://security-tracker.debian.org/tracker/CVE-2009-3563

External Source: SECUNIA

Name: 39593

Hyperlink:http://secunia.com/advisories/39593

External Source: SECUNIA

Name: 38834

Hyperlink:http://secunia.com/advisories/38834

External Source: SECUNIA

Name: 38832

Hyperlink:http://secunia.com/advisories/38832

External Source: SECUNIA

Name: 38794

Hyperlink:http://secunia.com/advisories/38794

External Source: SECUNIA

Name: 38764

Hyperlink:http://secunia.com/advisories/38764

External Source: SECUNIA

Name: 37922

Hyperlink:http://secunia.com/advisories/37922

External Source: SECUNIA

Name: 37629

Hyperlink:http://secunia.com/advisories/37629

External Source: OVAL

Name: oval:org.mitre.oval:def:7076

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:7076

External Source: OVAL

Name: oval:org.mitre.oval:def:12141

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:12141

External Source: OVAL

Name: oval:org.mitre.oval:def:11225

Hyperlink:http://oval.mitre.org/repository/data/getDef?id=oval:org.mitre.oval:def:11225

External Source: MLIST

Name: [security-announce] 20100303 VMSA-2010-0004 ESX Service Console and vMA third party updates

Hyperlink:http://lists.vmware.com/pipermail/security-announce/2010/000082.html

External Source: CONFIRM

Name: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074

Hyperlink:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074

External Source: CONFIRM

Name: http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc

Hyperlink:http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc

External Source: NETBSD

Name: NetBSD-SA2010-005

Hyperlink:ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc

References to Check Content

Identifier:oval:org.mitre.oval:def:12141

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:12141

Identifier:oval:org.mitre.oval:def:7076

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:7076

Identifier:oval:org.mitre.oval:def:11225

Check System:http://oval.mitre.org/XMLSchema/oval-definitions-5

Hyperlink:http://oval.mitre.org/repository/data/DownloadDefinition?id=oval:org.mitre.oval:def:11225

Vulnerable software and versions

Configuration 1

* cpe:/a:ntp:ntp:4.0.96

* cpe:/a:ntp:ntp:4.0.95

* cpe:/a:ntp:ntp:4.0.98

* cpe:/a:ntp:ntp:4.0.97

* cpe:/a:ntp:ntp:4.1.0

* cpe:/a:ntp:ntp:4.0.99

* cpe:/a:ntp:ntp:4.0.72

* cpe:/a:ntp:ntp:4.1.2

* cpe:/a:ntp:ntp:4.0.90

* cpe:/a:ntp:ntp:4.0.73

* cpe:/a:ntp:ntp:4.0.92

* cpe:/a:ntp:ntp:4.0.91

* cpe:/a:ntp:ntp:4.0.94

* cpe:/a:ntp:ntp:4.0.93

* cpe:/a:ntp:ntp:4.2.2p1

* cpe:/a:ntp:ntp:4.2.2p2

* cpe:/a:ntp:ntp:4.2.2p3

* cpe:/a:ntp:ntp:4.2.2

* cpe:/a:ntp:ntp:4.2.0

* cpe:/a:ntp:ntp:4.2.2p4 and previous versions

* cpe:/a:ntp:ntp:4.2.5

* Denotes Vulnerable Software

Technical Details

Vulnerability Type (View All)

Design Error (NVD-CWE-DesignError)

CVE Standard Vulnerability Entry:http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-3563