Lucene search

[email protected]CVE-2009-0159

HistoryApr 14, 2009 - 3:30 p.m.

CVE-2009-0159

2009-04-1415:30:00

CWE-119

[email protected]

web.nvd.nist.gov

cve-2009-0159

ntp

buffer overflow

remote code execution

security vulnerability

5.4 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.043 Low

EPSS

Percentile

92.2%

JSON

Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.

CPENameOperatorVersion
ntp:ntpntpeq4.2.2
ntp:ntpntpeq4.2.0
ntp:ntpntpeq4.2.4p5
ntp:ntpntpeq4.2.4p4
ntp:ntpntpeq4.0.98
ntp:ntpntpeq4.0.72
ntp:ntpntpeq4.2.4p2
ntp:ntpntpeq4.0.90
ntp:ntpntpeq4.0.96
ntp:ntpntpeq4.0.93

CPE	Name	Operator	Version
ntp:ntp	ntp	eq	4.2.2
ntp:ntp	ntp	eq	4.2.0
ntp:ntp	ntp	eq	4.2.4p5
ntp:ntp	ntp	eq	4.2.4p4
ntp:ntp	ntp	eq	4.0.98
ntp:ntp	ntp	eq	4.0.72
ntp:ntp	ntp	eq	4.2.4p2
ntp:ntp	ntp	eq	4.0.90
ntp:ntp	ntp	eq	4.0.96
ntp:ntp	ntp	eq	4.0.93

Rows per page:

1-10 of 291

References

ftp://ftp.netbsd.org/pub/NetBSD/security/advisories/NetBSD-SA2009-006.txt.asc

bugs.pardus.org.tr/show_bug.cgi?id=9532

lists.apple.com/archives/security-announce/2009/May/msg00002.html

lists.opensuse.org/opensuse-security-announce/2009-06/msg00003.html

marc.info/?l=bugtraq&m=136482797910018&w=2

ntp.bkbits.net:8080/ntp-stable/?PAGE=gnupatch&REV=1.1565

osvdb.org/53593

rhn.redhat.com/errata/RHSA-2009-1039.html

rhn.redhat.com/errata/RHSA-2009-1040.html

secunia.com/advisories/34608

secunia.com/advisories/35074

secunia.com/advisories/35137

secunia.com/advisories/35138

secunia.com/advisories/35166

secunia.com/advisories/35169

secunia.com/advisories/35253

secunia.com/advisories/35308

secunia.com/advisories/35336

secunia.com/advisories/35416

secunia.com/advisories/35630

secunia.com/advisories/37471

slackware.com/security/viewer.php?l=slackware-security&y=2009&m=slackware-security.566238

support.apple.com/kb/HT3549

www.debian.org/security/2009/dsa-1801

www.gentoo.org/security/en/glsa/glsa-200905-08.xml

www.mandriva.com/security/advisories?name=MDVSA-2009:092

www.securityfocus.com/archive/1/507985/100/0/threaded

www.securityfocus.com/bid/34481

www.securitytracker.com/id?1022033

www.us-cert.gov/cas/techalerts/TA09-133A.html

www.vmware.com/security/advisories/VMSA-2009-0016.html

www.vupen.com/english/advisories/2009/0999

www.vupen.com/english/advisories/2009/1297

www.vupen.com/english/advisories/2009/3316

bugzilla.redhat.com/show_bug.cgi?id=490617

exchange.xforce.ibmcloud.com/vulnerabilities/49838

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A19392

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A5411

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8386

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A8665

oval.cisecurity.org/repository/search/definition/oval%3Aorg.mitre.oval%3Adef%3A9634

rhn.redhat.com/errata/RHSA-2009-1651.html

support.ntp.org/bugs/show_bug.cgi?id=1144

usn.ubuntu.com/777-1/

www.redhat.com/archives/fedora-package-announce/2009-May/msg01414.html

www.redhat.com/archives/fedora-package-announce/2009-May/msg01449.html

5.4 Medium

AI Score

Confidence

High

6.8 Medium

CVSS2

Access Vector

NETWORK

Access Complexity

MEDIUM

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:M/Au:N/C:P/I:P/A:P

0.043 Low

EPSS

Percentile

92.2%

JSON

Related for CVE-2009-0159

openvas59 nessus38 seebug1 veracode1 debiancve1 securityvulns5 prion1 ubuntucve1 oraclelinux3 redhat3 osv1 centos3 debian1 freebsd1 slackware1 ubuntu1 gentoo1 fedora3 vmware2