fkie_cve-2009-3563
Vulnerability from fkie_nvd
Published
2009-12-09 18:30
Modified
2024-11-21 01:07
Severity ?
Summary
ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons.
References
cve@mitre.orgftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc
cve@mitre.orghttp://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc
cve@mitre.orghttp://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074
cve@mitre.orghttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
cve@mitre.orghttp://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691
cve@mitre.orghttp://lists.vmware.com/pipermail/security-announce/2010/000082.html
cve@mitre.orghttp://marc.info/?l=bugtraq&m=130168580504508&w=2
cve@mitre.orghttp://marc.info/?l=bugtraq&m=130168580504508&w=2
cve@mitre.orghttp://marc.info/?l=bugtraq&m=136482797910018&w=2
cve@mitre.orghttp://marc.info/?l=bugtraq&m=136482797910018&w=2
cve@mitre.orghttp://secunia.com/advisories/37629
cve@mitre.orghttp://secunia.com/advisories/37922
cve@mitre.orghttp://secunia.com/advisories/38764
cve@mitre.orghttp://secunia.com/advisories/38794
cve@mitre.orghttp://secunia.com/advisories/38832
cve@mitre.orghttp://secunia.com/advisories/38834
cve@mitre.orghttp://secunia.com/advisories/39593
cve@mitre.orghttp://security-tracker.debian.org/tracker/CVE-2009-3563
cve@mitre.orghttp://securitytracker.com/id?1023298
cve@mitre.orghttp://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1
cve@mitre.orghttp://support.avaya.com/css/P8/documents/100071808
cve@mitre.orghttp://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_modePatch
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659
cve@mitre.orghttp://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047
cve@mitre.orghttp://www.debian.org/security/2009/dsa-1948Patch
cve@mitre.orghttp://www.kb.cert.org/vuls/id/568372Patch, US Government Resource
cve@mitre.orghttp://www.kb.cert.org/vuls/id/MAPG-7X7V6J
cve@mitre.orghttp://www.kb.cert.org/vuls/id/MAPG-7X7VD7
cve@mitre.orghttp://www.securityfocus.com/bid/37255Patch
cve@mitre.orghttp://www.vupen.com/english/advisories/2010/0510
cve@mitre.orghttp://www.vupen.com/english/advisories/2010/0528
cve@mitre.orghttp://www.vupen.com/english/advisories/2010/0993
cve@mitre.orghttps://bugzilla.redhat.com/show_bug.cgi?id=531213
cve@mitre.orghttps://lists.ntp.org/pipermail/announce/2009-December/000086.html
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376
cve@mitre.orghttps://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076
cve@mitre.orghttps://rhn.redhat.com/errata/RHSA-2009-1648.html
cve@mitre.orghttps://rhn.redhat.com/errata/RHSA-2009-1651.html
cve@mitre.orghttps://rhn.redhat.com/errata/RHSA-2010-0095.html
cve@mitre.orghttps://support.ntp.org/bugs/show_bug.cgi?id=1331
cve@mitre.orghttps://www.kb.cert.org/vuls/id/417980
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html
cve@mitre.orghttps://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html
af854a3a-2127-422b-91ae-364da2661108ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc
af854a3a-2127-422b-91ae-364da2661108http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc
af854a3a-2127-422b-91ae-364da2661108http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074
af854a3a-2127-422b-91ae-364da2661108http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10673
af854a3a-2127-422b-91ae-364da2661108http://kb.juniper.net/InfoCenter/index?page=content&id=JSA10691
af854a3a-2127-422b-91ae-364da2661108http://lists.vmware.com/pipermail/security-announce/2010/000082.html
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=130168580504508&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=130168580504508&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=136482797910018&w=2
af854a3a-2127-422b-91ae-364da2661108http://marc.info/?l=bugtraq&m=136482797910018&w=2
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37629
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/37922
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38764
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38794
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38832
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/38834
af854a3a-2127-422b-91ae-364da2661108http://secunia.com/advisories/39593
af854a3a-2127-422b-91ae-364da2661108http://security-tracker.debian.org/tracker/CVE-2009-3563
af854a3a-2127-422b-91ae-364da2661108http://securitytracker.com/id?1023298
af854a3a-2127-422b-91ae-364da2661108http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1
af854a3a-2127-422b-91ae-364da2661108http://support.avaya.com/css/P8/documents/100071808
af854a3a-2127-422b-91ae-364da2661108http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_modePatch
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659
af854a3a-2127-422b-91ae-364da2661108http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047
af854a3a-2127-422b-91ae-364da2661108http://www.debian.org/security/2009/dsa-1948Patch
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/568372Patch, US Government Resource
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/MAPG-7X7V6J
af854a3a-2127-422b-91ae-364da2661108http://www.kb.cert.org/vuls/id/MAPG-7X7VD7
af854a3a-2127-422b-91ae-364da2661108http://www.securityfocus.com/bid/37255Patch
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0510
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0528
af854a3a-2127-422b-91ae-364da2661108http://www.vupen.com/english/advisories/2010/0993
af854a3a-2127-422b-91ae-364da2661108https://bugzilla.redhat.com/show_bug.cgi?id=531213
af854a3a-2127-422b-91ae-364da2661108https://lists.ntp.org/pipermail/announce/2009-December/000086.html
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376
af854a3a-2127-422b-91ae-364da2661108https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1648.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2009-1651.html
af854a3a-2127-422b-91ae-364da2661108https://rhn.redhat.com/errata/RHSA-2010-0095.html
af854a3a-2127-422b-91ae-364da2661108https://support.ntp.org/bugs/show_bug.cgi?id=1331
af854a3a-2127-422b-91ae-364da2661108https://www.kb.cert.org/vuls/id/417980
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html
af854a3a-2127-422b-91ae-364da2661108https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html
Impacted products
Vendor Product Version
ntp ntp *
ntp ntp 4.0.72
ntp ntp 4.0.73
ntp ntp 4.0.90
ntp ntp 4.0.91
ntp ntp 4.0.92
ntp ntp 4.0.93
ntp ntp 4.0.94
ntp ntp 4.0.95
ntp ntp 4.0.96
ntp ntp 4.0.97
ntp ntp 4.0.98
ntp ntp 4.0.99
ntp ntp 4.1.0
ntp ntp 4.1.2
ntp ntp 4.2.0
ntp ntp 4.2.2
ntp ntp 4.2.2p1
ntp ntp 4.2.2p2
ntp ntp 4.2.2p3
ntp ntp 4.2.5


To clipboard 

{
  "configurations": [
    {
      "nodes": [
        {
          "cpeMatch": [
            {
              "criteria": "cpe:2.3:a:ntp:ntp:*:*:*:*:*:*:*:*",
              "matchCriteriaId": "73B1FD64-D156-45BC-9713-77E163DF731C",
              "versionEndIncluding": "4.2.2p4",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.0.72:*:*:*:*:*:*:*",
              "matchCriteriaId": "25AB2D70-2807-4970-ACD3-9B4751A1F9D6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.0.73:*:*:*:*:*:*:*",
              "matchCriteriaId": "06C78C19-5A09-4883-8144-AE861A244FEA",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.0.90:*:*:*:*:*:*:*",
              "matchCriteriaId": "437C8BA8-F437-4166-838D-EDC64E7A67DC",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.0.91:*:*:*:*:*:*:*",
              "matchCriteriaId": "104AEC97-3C2A-48D2-BA63-08502F88F8D2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.0.92:*:*:*:*:*:*:*",
              "matchCriteriaId": "87D67E30-E303-4F79-9929-4A5B587FCDB7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.0.93:*:*:*:*:*:*:*",
              "matchCriteriaId": "B9BD95B5-322C-4CDC-A2DB-A06D4DA3B104",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.0.94:*:*:*:*:*:*:*",
              "matchCriteriaId": "0BD63969-D18D-41AF-9814-DA1A207BDE80",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.0.95:*:*:*:*:*:*:*",
              "matchCriteriaId": "7EAD8958-173A-4FCC-9420-A148BA5F73E2",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.0.96:*:*:*:*:*:*:*",
              "matchCriteriaId": "B271F6AD-D829-4671-8FA7-7D921364B426",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.0.97:*:*:*:*:*:*:*",
              "matchCriteriaId": "C25E03A8-46B5-4AC7-8506-4C255D7CC400",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.0.98:*:*:*:*:*:*:*",
              "matchCriteriaId": "2C76CD53-CC9F-491A-952F-9A82D6E20058",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.0.99:*:*:*:*:*:*:*",
              "matchCriteriaId": "E749D64E-5C47-4A34-9F3C-1D34F8348058",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.1.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "EE0C9CBB-D52F-4F7C-B343-E685A3996BC6",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.1.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "CB90A3FB-B107-46CF-A846-48EE0EDF637A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.0:*:*:*:*:*:*:*",
              "matchCriteriaId": "088BFFA4-1AAB-4699-9793-F731A81B296A",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.2:*:*:*:*:*:*:*",
              "matchCriteriaId": "B3475779-383A-4128-9145-474EC08030FE",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.2p1:*:*:*:*:*:*:*",
              "matchCriteriaId": "782BAA3D-A639-4B25-83F0-741074C88D7F",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.2p2:*:*:*:*:*:*:*",
              "matchCriteriaId": "EF367FA4-2C7F-4040-89DE-8A97A069A802",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.2p3:*:*:*:*:*:*:*",
              "matchCriteriaId": "01D11498-3FC4-4890-9B10-BBA74A01C9E7",
              "vulnerable": true
            },
            {
              "criteria": "cpe:2.3:a:ntp:ntp:4.2.5:*:*:*:*:*:*:*",
              "matchCriteriaId": "35C2B888-66D6-45D3-97E3-C711B1C6971A",
              "vulnerable": true
            }
          ],
          "negate": false,
          "operator": "OR"
        }
      ]
    }
  ],
  "cveTags": [],
  "descriptions": [
    {
      "lang": "en",
      "value": "ntp_request.c in ntpd in NTP before 4.2.4p8, and 4.2.5, allows remote attackers to cause a denial of service (CPU and bandwidth consumption) by using MODE_PRIVATE to send a spoofed (1) request or (2) response packet that triggers a continuous exchange of MODE_PRIVATE error responses between two NTP daemons."
    },
    {
      "lang": "es",
      "value": "ntp_request.c en ntpd en NTP anterior v4.2.4p8, y v4.2.5, permite a atacantes remotos causar una denegaci\u00f3n de servicio (consumo de CPU y ancho de banda) por uso de MODE_PRIVATE para enviar una suplantaci\u00f3n de (1) petici\u00f3n o (2) paquete respueta lo que lanza continuo intercambio de errores de respuesta MODE_PRIVATE entre dos demonios NTP."
    }
  ],
  "id": "CVE-2009-3563",
  "lastModified": "2024-11-21T01:07:40.913",
  "metrics": {
    "cvssMetricV2": [
      {
        "acInsufInfo": false,
        "baseSeverity": "MEDIUM",
        "cvssData": {
          "accessComplexity": "LOW",
          "accessVector": "NETWORK",
          "authentication": "NONE",
          "availabilityImpact": "PARTIAL",
          "baseScore": 6.4,
          "confidentialityImpact": "NONE",
          "integrityImpact": "PARTIAL",
          "vectorString": "AV:N/AC:L/Au:N/C:N/I:P/A:P",
          "version": "2.0"
        },
        "exploitabilityScore": 10.0,
        "impactScore": 4.9,
        "obtainAllPrivilege": false,
        "obtainOtherPrivilege": false,
        "obtainUserPrivilege": false,
        "source": "nvd@nist.gov",
        "type": "Primary",
        "userInteractionRequired": false
      }
    ]
  },
  "published": "2009-12-09T18:30:00.390",
  "references": [
    {
      "source": "cve@mitre.org",
      "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/37629"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/37922"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/38764"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/38794"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/38832"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/38834"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://secunia.com/advisories/39593"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://security-tracker.debian.org/tracker/CVE-2009-3563"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://securitytracker.com/id?1023298"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://support.avaya.com/css/P8/documents/100071808"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1948"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/568372"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kb.cert.org/vuls/id/MAPG-7X7V6J"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.kb.cert.org/vuls/id/MAPG-7X7VD7"
    },
    {
      "source": "cve@mitre.org",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/37255"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2010/0510"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2010/0528"
    },
    {
      "source": "cve@mitre.org",
      "url": "http://www.vupen.com/english/advisories/2010/0993"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=531213"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://lists.ntp.org/pipermail/announce/2009-December/000086.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1648.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1651.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://support.ntp.org/bugs/show_bug.cgi?id=1331"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.kb.cert.org/vuls/id/417980"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html"
    },
    {
      "source": "cve@mitre.org",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2010-005.txt.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://aix.software.ibm.com/aix/efixes/security/xntpd_advisory.asc"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=560074"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10673"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://kb.juniper.net/InfoCenter/index?page=content\u0026id=JSA10691"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://lists.vmware.com/pipermail/security-announce/2010/000082.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=130168580504508\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://marc.info/?l=bugtraq\u0026m=136482797910018\u0026w=2"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37629"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/37922"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38764"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38794"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38832"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/38834"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://secunia.com/advisories/39593"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://security-tracker.debian.org/tracker/CVE-2009-3563"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://securitytracker.com/id?1023298"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://sunsolve.sun.com/search/document.do?assetkey=1-77-1021781.1-1"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://support.avaya.com/css/P8/documents/100071808"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://support.ntp.org/bin/view/Main/SecurityNotice#DoS_attack_from_certain_NTP_mode"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ68659"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www-01.ibm.com/support/docview.wss?uid=isg1IZ71047"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.debian.org/security/2009/dsa-1948"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch",
        "US Government Resource"
      ],
      "url": "http://www.kb.cert.org/vuls/id/568372"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kb.cert.org/vuls/id/MAPG-7X7V6J"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.kb.cert.org/vuls/id/MAPG-7X7VD7"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "tags": [
        "Patch"
      ],
      "url": "http://www.securityfocus.com/bid/37255"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0510"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0528"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "http://www.vupen.com/english/advisories/2010/0993"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://bugzilla.redhat.com/show_bug.cgi?id=531213"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://lists.ntp.org/pipermail/announce/2009-December/000086.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A11225"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A12141"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19376"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A7076"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1648.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2009-1651.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://rhn.redhat.com/errata/RHSA-2010-0095.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://support.ntp.org/bugs/show_bug.cgi?id=1331"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.kb.cert.org/vuls/id/417980"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00763.html"
    },
    {
      "source": "af854a3a-2127-422b-91ae-364da2661108",
      "url": "https://www.redhat.com/archives/fedora-package-announce/2009-December/msg00809.html"
    }
  ],
  "sourceIdentifier": "cve@mitre.org",
  "vulnStatus": "Modified",
  "weaknesses": [
    {
      "description": [
        {
          "lang": "en",
          "value": "NVD-CWE-Other"
        }
      ],
      "source": "nvd@nist.gov",
      "type": "Primary"
    }
  ]
}


Log in or create an account to share your comment.




Tags
Taxonomy of the tags.




Sightings

Author Source Type Date

Nomenclature

  • Seen: The vulnerability was mentioned, discussed, or seen somewhere by the user.
  • Confirmed: The vulnerability is confirmed from an analyst perspective.
  • Exploited: This vulnerability was exploited and seen by the user reporting the sighting.
  • Patched: This vulnerability was successfully patched by the user reporting the sighting.
  • Not exploited: This vulnerability was not exploited or seen by the user reporting the sighting.
  • Not confirmed: The user expresses doubt about the veracity of the vulnerability.
  • Not patched: This vulnerability was not successfully patched by the user reporting the sighting.