Логотип exploitDog
Консоль
Логотип exploitDog

exploitDog

nvd логотип

CVE-2009-3563

Опубликовано: 09 дек. 2009
Источник: nvd
CVSS2: 6.4
EPSS Высокий

Описание

ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.

Ссылки

Уязвимые конфигурации

Конфигурация 1

Одно из

cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*
Версия до 4.2.2p4 (включая)
cpe:2.3:a:ntp:ntp:4.0.72:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.0.73:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.0.90:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.0.91:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.0.92:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.0.93:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.0.94:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.0.95:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.0.96:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.0.97:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.0.98:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.0.99:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.1.0:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.1.2:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.2.0:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.2.2:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.2.2p1:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.2.2p2:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.2.2p3:*:*:*:*:*:*:*
cpe:2.3:a:ntp:ntp:4.2.5:*:*:*:*:*:*:*

EPSS

Процентиль: 99%
0.85119
Высокий

6.4 Medium

CVSS2

Дефекты

NVD-CWE-Other

Связанные уязвимости

ubuntu логотип

CVE-2009-3563

ubuntu
больше 15 лет назад

ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.

redhat логотип

CVE-2009-3563

redhat
больше 15 лет назад

ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.

debian логотип

CVE-2009-3563

debian
больше 15 лет назад

ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote ...

github логотип

GHSA-gm22-x89c-4h54

github
около 3 лет назад

ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.

oracle-oval логотип

ELSA-2009-1648

oracle-oval
больше 15 лет назад

ELSA-2009-1648: ntp security update (MODERATE)

EPSS

Процентиль: 99%
0.85119
Высокий

6.4 Medium

CVSS2

Дефекты

NVD-CWE-Other