Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2009-0159

Overview

Vulnerability Score 6.8 6.8
CVE Id CVE-2009-0159
Last Modified 04 Dec 2013 06:21:39
Published 14 Apr 2009 11:30:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity MEDIUM
Authentication NONE

CVE-2009-0159

Summary

Stack-based buffer overflow in the cookedprint function in ntpq/ntpq.c in ntpq in NTP before 4.2.4p7-RC2 allows remote NTP servers to execute arbitrary code via a crafted response.

Vulnerable Systems

Application

  • Ntp 4.0.72

  • Ntp 4.0.73

  • Ntp 4.0.90

  • Ntp 4.0.91

  • Ntp 4.0.92

  • Ntp 4.0.93

  • Ntp 4.0.94

  • Ntp 4.0.95

  • Ntp 4.0.96

  • Ntp 4.0.97

  • Ntp 4.0.98

  • Ntp 4.0.99

  • Ntp 4.1.0

  • Ntp 4.1.2

  • Ntp 4.2.0

  • Ntp 4.2.2

  • Ntp 4.2.2p1

  • Ntp 4.2.2p2

  • Ntp 4.2.2p3

  • Ntp 4.2.2p4

  • Ntp 4.2.4

  • Ntp 4.2.4p0

  • Ntp 4.2.4p1

  • Ntp 4.2.4p2

  • Ntp 4.2.4p3

  • Ntp 4.2.4p4

  • Ntp 4.2.4p5

  • Ntp 4.2.4p6

  • Ntp 4.2.4p7


References

CERT - TA09-133A

CONFIRM - https://support.ntp.org/bugs/show_bug.cgi?id=1144

BID - 34481

FEDORA - FEDORA-2009-5275

FEDORA - FEDORA-2009-5273

REDHAT - RHSA-2009:1651

CONFIRM - https://bugzilla.redhat.com/show_bug.cgi?id=490617

XF - ntp-cookedprint-bo(49838)

VUPEN - ADV-2009-3316

VUPEN - ADV-2009-1297

VUPEN - ADV-2009-0999

CONFIRM - http://www.vmware.com/security/advisories/VMSA-2009-0016.html

UBUNTU - USN-777-1

SECTRACK - 1022033

BUGTRAQ - 20091120 VMSA-2009-0016 VMware vCenter and ESX update release and vMA patch release address multiple security issue in third party components

MANDRIVA - MDVSA-2009:092

GENTOO - GLSA-200905-08

DEBIAN - DSA-1801

CONFIRM - http://support.apple.com/kb/HT3549

SLACKWARE - SSA:2009-154-01

SECUNIA - 37471

SECUNIA - 35630

SECUNIA - 35416

SECUNIA - 35336

SECUNIA - 35308

SECUNIA - 35253

SECUNIA - 35169

SECUNIA - 35166

SECUNIA - 35138

SECUNIA - 35137

SECUNIA - 35074

SECUNIA - 34608

REDHAT - RHSA-2009:1040

REDHAT - RHSA-2009:1039

OSVDB - 53593

CONFIRM - http://ntp.bkbits.net:8080/ntp-stable/?PAGE=gnupatch&REV=1.1565

SUSE - SUSE-SR:2009:011

APPLE - APPLE-SA-2009-05-12

CONFIRM - http://bugs.pardus.org.tr/show_bug.cgi?id=9532

NETBSD - NetBSD-SA2009-006

HP - SSRT101144

HP - HPSBUX02859

Related Patches

Apple 2009-05-12 Security Update 2009-002 Server (Tiger PPC)

Apple 2009-05-12 Security Update 2009-002 (Tiger PPC)

Apple 2009-05-12 Mac OS X 10.5.7 Combo Update

Apple 2009-05-12 Mac OS X Server 10.5.7 Update

Apple 2009-05-12 Mac OS X 10.5.7 Update

Apple 2009-05-12 Security Update 2009-002 (Tiger Intel)

Apple 2009-05-12 Mac OS X Server 10.5.7 Combo Update

HP-UX PHNE_43412 11.31 cumulative ARPA Transport patch

HP-UX PHNE_44266 11.31 cumulative ARPA Transport patch


Last Updated: 27 May 2016 10:47:30